Windows IoT Core with Raspberry Pi - hardware password vault

Question

Windows IoT Core with Raspberry Pi - hardware password vault

Opened this issue 8 years ago · 1 comments

RyanONeill1970 commented 8 years ago

My ideal setup would be the following, in your opinion is this feasible? I'm not sure if KP has a server / client split which would be the major component required. I'm keen and able to contribute if this is a direction you'd consider taking.

Server

Raspberry Pi 3 running Windows IoT insider build (I have this done) and .Net core.
On that Pi, run a server component of KeePassWin to hold the passwords.
Use a YubiKey with One Time Password plugged into the Pi to allow access to a single password at a time.

Clients

Windows 10 - would request a password via the KP server API. The server would then require the YubiKey to by physically pressed to unlock the password safe and proceed.
Windows Phone - same deal as Windows 10.

The reason I'd like to do this is to get the passwords off my PC and only accessible when I physically press a button (the YubiKey). This will hopefully prevent an app getting in and trying to mine the password safe or a key logger grabbing my master password and doing the same.

Your thoughts?

Ryan

Answer 1 · 2017-04-19T00:39:31.000Z

Definitely an interesting idea. I've thought something like this would be cool, but haven't taken the time to see how to implement it. Most of the components in here are decoupled (DI is heavily utilized), so if you can isolate a service or collection of services that could be used to form a server/client distinction, I'd be willing to accept a feature like that.