Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ledfan/keywi

Minimalistic Keepass plugin using Web Extensions and KeepassHTTP.
https://github.com/ledfan/keywi

addon firefox keepass keepasshttp password-manager web-extension

Last synced: 3 months ago
JSON representation

Minimalistic Keepass plugin using Web Extensions and KeepassHTTP.

Awesome Lists containing this project

README 

        
![Logo](icons/keywi-256.png)



Keywi

===



Minimalistic Keepass extension using Web Extensions and KeepassHTTP.



## Goals

 - Minimalistic password integration in Firefox

 - Fill username and password in login form, using context menu and keyboard shortcut

 - Use [Keepass HTTP](https://github.com/pfn/keepasshttp)

 - No editing of the Keepass database

 - Using the Firefox web extensions API, to support Firefox 57 and later

 - Support Keepass, KeepassXC, later maybe [Pass](https://www.passwordstore.org/)

 - Minimal amount of libraries (aes and cryptohelpers)

 - No automatic form filling, i.e. only when the user wants to. The user has to select the form itself. This is very important because:

   - credentials can be filled in the wrong site (e.g. a DNS spoofing)

   - credentials can be filled in the sign up form

   - credentials can be filled in a hidden form

   - you don't want to log in on this website now

   - there are multiple forms on the website (unlikely)

 - No injecting of buttons or icons into forms

 - Support HTTP basic authentication



## Usage

Keywi uses the local storage mechanism of the browser to store some information needed to connect to Keepass. This information includes the key used to authenticate and encrypt the communication with Keepass. The information stored in the local storage of the browser is stored unencrypted.

Therefore Keywi encrypts this information (`database.key`, `database.id` and `database.hash`) using 256-bit AES key derived from a user-provided password.



This password is asked to the user the first time Keywi is used for encrypting the information. Every time you start Firefox it's asked to decrypt the information.



Keywi requires Firefox 51 or later.



### First time

 1. install the KeepassHTTP plugin in Keepass. See: https://github.com/pfn/keepasshttp

 2. make sure the correct Keepass database is open

 3. install the addon

 4. you'll be asked to enter a password for secure storage. You should **not** use the same password as used in Keepass. Make sure it's a secure and strong password.





	




 5. keepass will ask to confirm the association





	




### When Firefox starts

You will be asked to unlock the Secure Storage using the same password as during the setup.



	




### Fill in credentials

 1. select the username input field

 2. right click and choose "Fill username and password" inside the "Keywi" submenu. It's possible to only fill your username or password.



  



 3. Click "Allow" when keepass asks permission for the request to the credentials

 4. the username and password are filled



### Keyboard shortcuts:

The following shortcuts are supported:

 - Ctrl + Shift + F Fill username and password in the current active input field (only the username will be filled when no password field is found)

 - Ctrl + Shift + D Fill only password in the current active input field



### Multiple Credentials for one URL

When Keepass finds multiple credentials for one URL, it will ask you to select one:



  




### Disable "Remember for logins" in Firefox

To provide a better user experience we advise to disable the feature in Firefox to remember logins.



### HTTP Basic Auth

When a website asks for your credentials using basic auth, Keywi will ask you whether you want the credentials to be filled:



  



Press Enter or `Fetch credentials` to continue. Confirm the credential you want to fill. Use Enter when only one credential is available.



	




## Translations

This project is translated using Crowdin.

Follow these steps if you want to contribute

 1. Start with the [Keywi project on Crowdin](https://crwd.in/keywi)

 2. Continue working on an existing language or [ask us to add a new one](https://github.com/LEDfan/keywi/issues/new)

 3. We will put the translations in the next release of Keywi

 4. It's not necessary to translate technical terms, like the following words, if there is no good translation which fits the context:

  - database

  - Secure Storage

  - hash



The following word should always be capitalized:

 - Keywi

 - Keepass

 - Secure Storage



Thanks for helping!



### Translation of addons.mozilla.org metadata

 1. fork this repo and clone it into your workspace

 2. copy the `_amo/en/description.html` file to e.g. `_amo/nl/description.html`

 2. copy the `_amo/en/summary.txt` file to e.g. `_amo/nl/summary.txt`

 3. translate it

 4. commit and push to Github

 5. open a pull request



In `description.html` these HTML tags are supported:

```

    
    
  •  
        
        .
        


        ## Used libraries

        This project uses the following libraries which are all found under the `vendor` directory:

         - `aes.js` from slowAES https://code.google.com/archive/p/slowaes licensed under Apache License 2.0

         - `cryptoHelpers.js` from slowAES https://code.google.com/archive/p/slowaes licensed under Apache License 2.0

         - `debounce.js` part of Underscoe.js http://underscorejs.org/ licensed under the MIT license

         - `utf8.js` part of the passifox project https://github.com/pfn/passifox/blob/master/chromeipass/background/utf8.js licensed under GPL v3

         - Please note that some functions of the `background/keepass.js` file are based on functions of the passifox project https://github.com/pfn/passifox licensed under the GPL v3
        


        ## Logo

        The logo is based on https://pixabay.com/en/key-lock-web-1294351/ and https://pixabay.com/en/kiwi-fruit-food-half-green-fresh-310189/

        

      

      1.