sirAndros
released this
Fixed the security issue found by Angelelz #38.
It allowed to execute a spoofing attack by replacing the permanent key used to sign master passwords while storing in the Windows Credential Manager. Big thanks to Angelelz!
Assets
3
sirAndros
released this
This release is dedicated to minor but still important improvements which cut corners is some scenarios of using the plugin.
- Revoking the key if Windows Hello prompt was cancelled is now optional (#30, thanks to GoldenHashtag)
- New algorithm for handling secure desktop which is compatible with AutoType and Open From URL dialogs (#18, thanks to kinglike1337)
- Fixed an error when creating a permanent key on Windows 10 earlier 1809 (#33, thanks to mullenat and tvannuland).
Assets
3
sirAndros
released this
In this major release we have finally shipped a long-awaited feature for a permanent storage for master passwords (#7).
The storage holds its content encrypted with a permanent key signed with your biometry via Windows Hello.
Please follow to the Options dialog and create a permanent key in order to enable this storage. Thanks to gio710 and many others.
In addition, you can revoke all stored keys manually on the Options (#10, thanks to ghost).
And now here is the most significant change ever. Let us introduce our brand-new ultimate icon!
Assets
3
sirAndros
released this
Support running in elevated KeePass process (#11)
Assets
3
sirAndros
released this
Added support for KeePass option "Enter master key on secure desktop" (#12)
Assets
3
shuffle-c
released this
This release is built on a completely new codebase that aims to improve UX, enhance code quality, stability and maintainability, essentially focusing on security issues. In particular, the release includes:
Features:
- New smooth lock-unlock workflow without a redundant "quick" key provider;
- Encoding and decoding keys from third-party providers based on the metadata instead of caching their effective keys;
- Increased security of key management (keys are encrypted by Windows Hello and AES algorithms);
- Added an option to disable the plugin in Settings dialog;
Fixes:
- Fixed the issue with keeping original key file path upon unlocking DB (#9, thanks to kinglike1337)
- Changes of validity period option is now applied to existing stored keys (related to #10, thanks to ghost)
- Fixed a possible vulnerable behavior by suggesting quick authorization in case of suspected key compromise.
Assets
3
shuffle-c
released this
- Fixed handling an exception if WinHello is disabled #1 (thanks to rjt)
- Small improvements in Options dialog
Assets
3
sirAndros
released this
First public release