SecUSo/privacy-friendly-qr-scanner

Feature request - Encrypted text into QR Codes.

Opened this issue · 2 comments

First of all, I would like to know if this project is still alive since it is the best QR Code scanner out there.

My request...
I use a password manager, as I hope all of you. I have a very strong master password, U2F and so on, but I am getting older so I'm afraid of forgetting the password eventually. Print the master password in a paper is an option, but I am looking for a better way to store it so I realized I could encrypt the password using symmetric GnuPG encryption and generate a QR Code with your application.

So basically:
1- I use gnupg on Linux (gnupg -c -a mypassword.txt) or OpenKeyChain on Android.
2- I use your QR Scanner to create a QR Code with the output.
3- I print it and store in a fireproof bag.
To decrypt it:
1- I read the QR with your app
2- Copy the text to the clipboard
3- I decrypt it using OpenKeyChain or (gnupg -d )

Advantages:

  • The password is encrypted with an easy to remember pin or short password, it is better than print it in plain text.
  • If someone find the password he/she must know the pin AND has to have ALSO the knowledge to decrypted it.

Off course this can be use to store safely any kind of information not only passwords.

I thought maybe you can include all these steps in the generation/reading of a QR Code, for example, in the QR Generation, it could have a Encrypted QR or GPG whatever option. Then when the app reads a QR Code that has the "BEGIN/END PGP MESSAGE" could request a password and decrypt the QR content.

You could use OpenKeyChain but it is no longer actively maintained, I found some other libraries you could use:
https://github.com/pgpainless/pgpainless
https://github.com/ProtonMail/gopenpgp

Hope this is good idea for you and that the project is still alive. Thank you very much for the app and your time.

An obvious solution:

Gnupg can encrypt your password with armored-output.
So just convert the armored ciphertext with any qr software.

Yes, I am doing it that way as I wrote...
But it would be really easy if we have this option, besides I have commented this idea in several reddit post and a lot of ppl think is a good idea (encrypted passwords in QR codes). So having this option in the app would be fantastic.