doy/rbw

[Feature] add additional security through optional challenge-response

Hero9909 opened this issue · 0 comments

I saw this feature when I integrated vaultwarden and keepassxc into my git setup using your git-credentials helper and the project git-credential-keepassxc .
This also provided a way to use the yubikey as an additional layer to prevent unattended use of the helper by requiring a touch of the yubikey when inserting a password.

This would minimize the risk of an unattended program/process being able to read the passwords easily and unnoticed.

A current workaround would be to set the timeout to a very low value such as 30 seconds, even if this would mean that you would have to log in again for each password.