The plugin doesn't work with private key of the certificate directly, just uses API to generate hashed / encrypted digital signature. The plugin will use X.509 certificate to digitally sign some predefined phrase, that is specified in the plugin, with private key of the certificate and uses the output of the signature as "secret key" for the KeePass database. With Smart Cards you add an additional level of security, ensuring that the KeePass Key file would not be compromised or stolen by some virus or malware.Īlso if you lose your Smart Card, your certificates are protected by PIN and after entering 3 times wrong PIN, the Smart Card will be locked. The certificate will never leave Smart Card, but Windows will mark it as a "link" and when you would like to use the certificate you would need to enter a PIN of the Smart Card to access selected certificate. This registration is more like a link between the Smart Card and Windows, because of the security. It should be compatible with any Smart Card, but it was tested only with:Īfter inserting USB token into PC, Windows will automatically install drivers ( if not, please refer to USB token manufacturer pages to download additional drivers) and registers available certificates into yours Windows from Smart Card. remembers last used certificate for a particular KeePass database, so you don't have to choose it during each unlock of the database.allows to use X.509 certificate installed on Smart Card.allows to use X.509 certificate installed in Windows. ![]() ![]() installed in Windows My User account Certificate Store. ![]() This KeePass 2.x plugin is used to protect a KeePass database with X.509 certificate that is:
0 Comments
Leave a Reply. |