Keepass2android: Password + Challenge-Response (Keepass XC) with YubiKey 5C does not work

Created on 14 Jan 2019  路  1Comment  路  Source: PhilippC/keepass2android

I have a problem decrypting my Keepass XC database with my password in combination with the keepassxc specific challenge-response method. I get always a FirstInvalidCompositeKeyError. Opening the same database works flawlessly on both MacOS and Linux with KeepassXC.

My environment:

  • Google Pixel with Android 9
  • Same behavior with both Keepass2Android version 1.06f and v1.07-pre3
  • ykDroid v1.1.1
  • YubiKey 5C with challenge-response on slot 1 (variable input HMAC-SHA1 mode)

Most helpful comment

I solved the issue by extensively reading all your comments regarding the challenge-response topic. Using the kdbx4 db format is mandatory: https://keepassxc.org/docs/#faq-security-kdbx4

>All comments

I solved the issue by extensively reading all your comments regarding the challenge-response topic. Using the kdbx4 db format is mandatory: https://keepassxc.org/docs/#faq-security-kdbx4

Was this page helpful?
0 / 5 - 0 ratings