Yubico Forum
https://forum.yubico.com/

[QUESTION] - KeePass2 on PC/Android / Challenge/Response?
https://forum.yubico.com/viewtopic.php?f=26&t=2694
Page 1 of 1

Author:  peach200 [ Fri Aug 25, 2017 8:33 am ]
Post subject:  [QUESTION] - KeePass2 on PC/Android / Challenge/Response?

I've been trying to piece meal a clean solution to use KeePass 2 on PC/Win7 + Android 7. I got the KeePass2 + KeeChallenge to work awesome on desktop (with even no interaction scenario), but I'm having a hard time getting the Android piece to work. I'm trying to use KeePass2Android with the YubiChallenge BUT it doesn't seem to work (KeePass2Anroid doens't launch YubiChallenge or the NFC integration with YubiChallenge is not working).

I know the YubiClip can copy using a static password, but this isn't as strong a security option (and actually more work in the case of desktop use).

Does anyone have any experience getting the KeePass2 + Yubikey to work nicely on Android 7 they can share?

Thanks!

Author:  Sevo [ Fri Sep 08, 2017 8:45 pm ]
Post subject:  Re: [QUESTION] - KeePass2 on PC/Android / Challenge/Response

In my experience you can not use YubiChallenge with Keepass2Android - it clashes with its internal Yubikey Neo support, each stealing the NFC focus from the other. Use the KeeChallenge plugin with Keepass2 on the Desktop, and the internal Challenge-Response method in KP2A.

Author:  peach200 [ Sat Sep 09, 2017 11:09 pm ]
Post subject:  Re: [QUESTION] - KeePass2 on PC/Android / Challenge/Response

Hi Sevo, could you clarify the steps you use for the KP2A? I have it installed, open kdbx, and select "Password + Challenge-Response". There's a field for password, and a button to "Load OTP Auxiliary File...". If I click the button, it just shows another screen titled "Select the storage type", with options to select System file picker, dropbox, etc. If I just swipe the NEO, it just prompts with Chrome, Firefox, Samsung Internet... Should there be one for KP2A?

Thanks!

Author:  poultrygeist [ Tue Jan 09, 2018 7:18 pm ]
Post subject:  Re: [QUESTION] - KeePass2 on PC/Android / Challenge/Response

peach200 wrote:
Hi Sevo, could you clarify the steps you use for the KP2A? I have it installed, open kdbx, and select "Password + Challenge-Response". There's a field for password, and a button to "Load OTP Auxiliary File...". If I click the button, it just shows another screen titled "Select the storage type", with options to select System file picker, dropbox, etc. If I just swipe the NEO, it just prompts with Chrome, Firefox, Samsung Internet... Should there be one for KP2A?

Thanks!


Hi peach200,
You need to be sure you have your challenge .xml file in your phone's storage. Once you click the Load OTP Auxiliary File button, navigate to the .xml file in your phone's storage. When it is selected, you will be prompted to swipe your YubiKey NEO.

This page is very helpful if you would like to check out their setup and configuration instructions:
https://b3n.org/yubikey-two-factor-authentication

Cheers!

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/