It's not safe that all the archive is accessible by entering a pass-phrase, especially when the pass-phrase doesn't need to be strong. While by generating a key file and suggesting to keep it away from the system, the data will be more secure.
This requires buttercup-pw/buttercup-core#38 before the interface can be built in this project.
Key files are now supported in buttercup-core.
Perhaps a second release after the GUI rework could include keyfile support. Right @perry-mitchell?
Are there any plans to support something like YubiKey/general FIDO U2F devices? It's pretty nonstandard and 1Password provides some pretty good reasons why it's not necessary, but it would be nifty to have support (since I carry a YubiKey anyway). Multiple keys would be great (in case one was lost. TOTP is probably infeasible (and a bad idea). Please note I'm not talking about Dropbox etc _login_ support, but rather archive decryption support.
From a core/crypto perspective, perhaps MasterPW+YubiKey response could be pass+salt for the PBKDF2 seed? Multiple keys could work similarly, but then you'd have essentially x passphrases that could unlock an archive (where X is the number of YubiKeys configured to unlock the archive: MasterPW+Key1, MasterPW+Key2, etc). Unsure if this is a good idea in practice, but I'd love to explore more/chat about possibilities.
@Aktariel Yes, an issue is submitted for that: #233
@sallar That is a very good news that you are going to support FIDO U2F as a 2-factor authentication method to open the database.
But be careful not to realy on on Yubikeys because U2F is a standard and there are a lot of others U2F ready keys on the market.
@Shosta thanks. Please update the related issue with more information if possible, so we have a bit more knowledge on the matter.
Hi,
Some links on the protocol:
https://fidoalliance.org/download/
https://developers.yubico.com/U2F/
Happy to provide more info if needed.
Dashlane has some info HERE.. LastPass supports U2F as well. Importantly, though, is that those are essentially logins to a _service_, not for decrypting a file. Hence my suggestion above - though I'm open to doing some more digging.
U2F as a standard is being subsumed by the Web Authentication standard, which all major browsers will apparently support, but that's a little ways off - see eg THIS for Chrome and THIS for Safari and general context.
More information on U2F in general HERE, code for an iOS app to pretend to be a U2F device HERE, and a great write up (yes by Yubico) of how to use a YubiKey as an OTP device HERE - please note that this is not a U2F solution, but still something that would be pretty cool.
All of that ->^ aside, I imagine this is pretty low on the priority list - there's definitely lots of UI work I would thrill to see completed first (though I'm much more of a C/C++ person; this React/web stuff is pretty new to me).
This is definitely an interesting area of work, but it should be noted here also that our app is built on Electron and therefore Chrome - which does not support most features boasted by Yubikey. We're limited by that and are very much downstream.
If there are ways for yubikey to provide a key as text input or some other way that's not hard to implement we could look at integration already. Otherwise I'm not sure that there's much to be done here..
Is there any update on when we might see keyfile support in the UI for accessing the Buttercup archive (in addition to the password)? Even with strong encryption it's very risky to leave a vault on a cloud platform if it only has password protection and no second factor auth mechanism. Thanks!
For this to continue, we'd need someone to add keyfile support to our datasources and credentials. After this, we could begin adding it to the UI.
This seems out of scope and stale.. it's not getting done. U2F style key support might be added, if we get help on it, but key files will probably disappear.
Most helpful comment
Is there any update on when we might see keyfile support in the UI for accessing the Buttercup archive (in addition to the password)? Even with strong encryption it's very risky to leave a vault on a cloud platform if it only has password protection and no second factor auth mechanism. Thanks!