adding security layers to 2.7.9 causes database corruption issues with key file and yubico 5c nfc

[Somnia-terra]

I am using yubico-authenticator-7.0.0-linux app and Ubuntu 24.04.1 LTS. Forgive me, I am new to using KeePassXC. I don't see anything off-putting from the Yubico Authenticator app but the KeePassXC app seems to have display rendering issue after importing database from CSV files for a few seconds then the app is displaying normal as it should. I set the basic setting to 5.0 seconds for decryption time. I create key file + challenge response with Yubico 5c nfc. It has database corruption issue after it's created, then lock up the database, and test it by opening up the database with either yubico 5c nfc or key file both of those don't seem to work opening the database. Then I get a red message in the app saying if you try it again it could be corrupted. I can get the KeePassXC app to work only with password and no additional security layer. I tried restarting the app and recreating the database several times but cannot get it to work the way I want it to. What can I do to resolve this kind of problem?

[droidmonkey]

Hello, there is a bug in 2.7.9 that sets your password to an empty string if you don't "reset" it while adding a yubikey and/or key file. Make sure you have all three protection panes with information, then press OK to save it. If you see a message about a weak password then you didn't avoid the bug.

[droidmonkey]

I don't understand where you are going wrong to be honest.

[Somnia-terra]

With "reset", do you mean remove the password and then re-insert the password after putting in key file and challenge response? I am not sure if I am completely understanding the step process with your suggestion of getting around the problem.

I don't know if this part is important to you, but I installed the app through a PPA for Ubuntu. I see that this app uses Qt 5. I have other apps on the system using Qt 6. Do I need to install Qt 5 on my system? I am not sure if any of this means anything to you. I'm still kind of inexperienced to the software engineering world.

[Somnia-terra]

Also, putting the following information here with the Debug Info.

KeePassXC - Version 2.7.9
Revision: 8f6dd13

Qt 5.15.13
Debugging mode is disabled.

Operating system: Ubuntu 24.04.1 LTS
CPU architecture: x86_64
Kernel: linux 6.8.0-41-generic

Enabled extensions:

• Auto-Type
• Browser Integration
• Passkeys
• SSH Agent
• KeeShare
• YubiKey
• Secret Service Integration

Cryptographic libraries:

• Botan 2.19.3

[droidmonkey]

At this point just create a new database and set the password, key file, and yubikey right at creation. You really don't need a key file if you are using yubikey, just a hint.

[Somnia-terra]

Okay, I was getting hung up with creating the database at the start with setting the password, generate key file, and the Yubikey altogether right at creation of the database, and wasn't getting any messages except knowing the database is corrupted.

I was able to get a functioning database with just the password and the yubikey while omitting the key file pane.

I appreciate your suggestions and the time in helping me! I like how this program is designed. 😀

[droidmonkey]

You're welcome, recommend a quick read of our user guide: https://keepassxc.org/docs/KeePassXC_UserGuide

[Somnia-terra]

Thank you for the recommendation, I will look things over through the guide when time permits me.

This project looks very appealing for me to contribute! I personally want to start somewhere with programming on my free time and get comprehensive knowledge to grasp the concepts. I have background knowledge for .NET and C# with Visual Studio, Python, Visual Basic, Assembly MIPS, and some bash. Currently, I am not familiar with data structures in programming. Though I sure want to get familiar with Qt and C++ for building cross-platform desktop apps.

I'll take any other suggestions you may offer how I can volunteer with this project.

[droidmonkey]

We might not be the best project to start your developer journey on, but you can certainly look into our Wiki and "help wanted" issues:

https://github.com/keepassxreboot/keepassxc/wiki/Building-KeePassXC

https://github.com/keepassxreboot/keepassxc/issues?q=sort%3Aupdated-desc+is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22%2C%22help+wanted%22