{"id":13722184,"url":"https://github.com/sirAndros/KeePassWinHello","last_synced_at":"2025-05-07T14:31:13.154Z","repository":{"id":39987889,"uuid":"146117271","full_name":"sirAndros/KeePassWinHello","owner":"sirAndros","description":"Quick unlock KeePass 2 database using biometrics with Windows Hello","archived":false,"fork":false,"pushed_at":"2024-06-01T16:30:04.000Z","size":1903,"stargazers_count":318,"open_issues_count":26,"forks_count":23,"subscribers_count":16,"default_branch":"master","last_synced_at":"2024-11-14T11:39:53.927Z","etag":null,"topics":["biometrics","keepass","password-manager","plugin","security","unlock","windows-hello","winhello"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sirAndros.png","metadata":{"files":{"readme":"ReadMe.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-08-25T17:51:10.000Z","updated_at":"2024-10-18T17:26:27.000Z","dependencies_parsed_at":"2024-01-06T01:08:59.687Z","dependency_job_id":"b0320cc5-665f-4b61-adbe-51fea6bda3aa","html_url":"https://github.com/sirAndros/KeePassWinHello","commit_stats":null,"previous_names":[],"tags_count":11,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sirAndros%2FKeePassWinHello","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sirAndros%2FKeePassWinHello/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sirAndros%2FKeePassWinHello/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sirAndros%2FKeePassWinHello/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sirAndros","download_url":"https://codeload.github.com/sirAndros/KeePassWinHello/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252895590,"owners_count":21821186,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["biometrics","keepass","password-manager","plugin","security","unlock","windows-hello","winhello"],"created_at":"2024-08-03T01:01:25.519Z","updated_at":"2025-05-07T14:31:12.571Z","avatar_url":"https://github.com/sirAndros.png","language":"C#","funding_links":[],"categories":["Plugins","C#"],"sub_categories":["Other clients"],"readme":"Quick unlock with Windows Hello for KeePass 2\n=============================================\n\n[![Build Status](https://travis-ci.org/sirAndros/KeePassWinHello.svg?branch=master)](https://travis-ci.org/sirAndros/KeePassWinHello)\n[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=sirAndros_KeePassWinHello\u0026metric=alert_status)](https://sonarcloud.io/dashboard?id=sirAndros_KeePassWinHello)\n[![GitHub All Releases](https://img.shields.io/github/downloads/sirAndros/KeePassWinHello/total)](https://github.com/sirAndros/KeePassWinHello/releases)\n[![Chocolatey](https://img.shields.io/chocolatey/dt/keepass-plugin-winhello?label=chocolatey)](https://chocolatey.org/packages/keepass-plugin-winhello)\n\n\n\nThis plugin for [KeePass 2][KeePass] password manager is intended for fast authorization with pin or biometrics to a database after its first unlock using [Windows Hello technology][WinHello].\n\n[KeePass]: https://keepass.info/\n[WinHello]: https://support.microsoft.com/en-us/help/17215/windows-10-what-is-hello\n\nUsage\n-----\n\nWith this plugin you may:\n\n1. Unlock your database with your masterkey/keyfile/other provider;\n\n    \u003cimg src=\"https://github.com/sirAndros/KeePassWinHello/blob/master/Screenshots/KeePassPrompt.png?raw=true\" width=500/\u003e\n2. Lock the database (for example, applying autolock on minimize);\n3. When you try to unlock it again, if Windows Hello is available on your system and active for the database, a Windows Hello prompt will be shown over a classic KeePass unlock prompt;\n\n    \u003cimg src=\"https://github.com/sirAndros/KeePassWinHello/blob/master/Screenshots/Hello1.png?raw=true\" width=500/\u003e\n4. Profit!\n\nSystems Requirements\n--------------------\n\nThis plugin relies on Windows Hello API and its [requirements][WinHelloReq].\n\nThere are some known issues with Windows Hello reported by community.\nPlease, check [here](https://github.com/sirAndros/KeePassWinHello/wiki/Windows-Hello-issues) before write issue.\n\nTested on Microsoft Surface Pro 2017 with KeePass 2.39.1 and 2.42.1.\n\n[WinHelloReq]: https://www.microsoft.com/en-US/windows/windows-10-specifications\n\nHow to Install\n--------------\n\nPlace [KeePassWinHelloPlugin.plgx][binLink] into `Plugins` folder in your KeePass installation\n*(by default is `C:\\Program Files (x86)\\KeePass Password Safe 2`)*.\n\n[binLink]: https://github.com/sirAndros/KeePassWinHello/releases \"Plugin Releases\"\n\nOr you can use [Chocolatey](https://chocolatey.org/packages/keepass-plugin-winhello) to install it in a more automated manner:\n\n``` powershell\nchoco install keepass-plugin-winhello\n```\n\nKey storage\n-----------\n\nBy default this plugin holds an encrypted master password in memory and removes it upon KeePass closing. In order to be able to unlock your database via Windows Hello authentication in between KeePass launches you may check \"Store keys in the Windows Credential Manager\" on in the Options dialog. This will prompts you for creating a persistent key signed with your biometry via Windows Hello. The key is used to encrypt master passwords for securely storing them in the Windows Credential Manager.\n\nOptions\n-------\n\nThe plugin integrates itself into the KeePass settings dialog.\n\n\u003cimg src=\"https://github.com/sirAndros/KeePassWinHello/blob/master/Screenshots/Options.png?raw=true\" width=600/\u003e\n\nAvailable settings:\n\n* Valid time period (default: 24 hours): Choose how long a saved key will be available. Once this period has expired you need to provide your full password to unlock the database again.\n* Storage location: Choose where to hold encrypted master passwords - in the KeePass process memory (by default) or in the Windows Credential Manager.\n* Revoke all: Allows you to delete all stored keys.\n\nAll changes will be applied only after `OK` button press.\nYou can cancel the modifications using `Cancel` button instead.\n\nSecurity Notice\n---------------\n\nAs you should never approve any process elevation (run as admin) if you don't trust an application (because otherwise they can do almost anything), you should never sign Windows Hello prompt if you did not request it, especially when using the persistent storage.\nIn those cases your both passwords and PC are at risk.\n\nOur plugin prompts you to authorize Windows Hello only in the following cases:\n\n* You prompted to decrypt KeePass database.\n* You changed the in-memory storage to the persistent one.\n* If one of the operations above failed due to a known recoverable internal Windows Hello problem we could retry the prompt with an appropriate message.\n_Warning: if an action being requested by you was actually succeeded, this one can be phishing \"retry\" and you should also cancel it if you're not sure._\n\nSo it works like a rule of thumb: just like you cancel an unintended UAC dialog, you should cancel an unintended Windows Hello prompt.\n\nNotes\n-----\n\nNo sensitive information including master passwords for databases are stored by the plugin in a plain text. A database key is encrypted and decrypted using Windows Hello API in order to unlock the database.\n\nDevelopment\n-----------\n\nCreate junction/copy folder with KeePass.exe to root of the repository as folder named \"lib\".\nDebug \"KeePassWinHello.Debug\" project with \"Linked KeePass\" launch profile.\nIf you add some file - don't forget to add it to `KeePassWinHello.csproj`, otherwise it won't be included in plgx on publish.\n\nCredits\n-------\n\n* _Microsoft_ for [Windows Hello][WinHello] technology\n* _JanisEst_ and his [KeePassQuickUnlock](https://github.com/JanisEst/KeePassQuickUnlock) for inspiration\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FsirAndros%2FKeePassWinHello","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FsirAndros%2FKeePassWinHello","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FsirAndros%2FKeePassWinHello/lists"}