-
-
Notifications
You must be signed in to change notification settings - Fork 30
KeePassOTP fields
This page lists all data that KeePassOTP stores related to a specific entry.
Dependant on the storage approach this fields are either stored within the respective entry or in an additional database which is embedded in the main database.
This field contains all required standard information to calculate an OTP and is stored as protected string.
OTP data is stored in the otpauth format which is described here: OTPAUTH key uri
The entire field will always be stored in an encrypted way.
It will not be decrypted to calculate an OTP.
It will only be decrypted to show it to you in the OTP setup form.
Example 1: otpauth://totp?secret=abcdabcd
Example 2: otpauth://totp/?secret=abcdabcd&algorithm=SHA1&digits=6&period=30
Example 2: otpauth://totp/?secret=abcdabcd&algorithm=SHA1&digits=8&period=15
The first two examples will result in exactly the same OTP being calculated wheras the 3rd example will calculate an OTP with 8 digits that will change every 15 seconds.
You can use KeePassOTP to configure all of the available parameters.
In most of the cases the defaults suggested by KeePassOTP will be just fine.
Advanced settings are hidden by default as they are not required in app. 99.9% of all cases.
If you were explicitly advised to change the default settings, simply display them.
This field is optional and only required in rare cases.
It is stored in the plugin data area - entry tab: Properties
In case of HOTP it is not required at all.
If TOTP is used and there is a huge difference between your computer and the site you want to logon, you can compensate this by providing a specific URL here.
You can also provide OWNURL
to always use the URL currently maintained in the entry itself.
KeePassOTP will then query the site's date, compare it with your local time and accomodate for any difference to ensure that the calculated OTP is accepted.
This field is optional.
It is stored in the plugin data area - entry tab: Properties
You may use it to store recovery codes to regain entry into your account.
Usually recovery codes can be used one-time each to authenticate and are intended for occasions when the users lose access to their OTP devices.
KeePassOTP offers to save these codes. It does not any kind of handling them. It is up to you to keep them accurate, e. g. remove used recovery codes.
This field is only required if OTP data is stored in a separate database, cf. storage approach
It is stored in the plugin data area - entry tab: Properties
A value of true indicates that OTP data is defined for the respective entry. Absence of this field or any other value indicate that no OTP data is defined.
It only exists if both criteria are fulfilled:
- Storage approach OTP storage in a separate database is active
- OTP data for the respective entry is defined
This field only exists in the OTP database, it never exists in the main database.
It is only listed for sake of completeness.
KeePassOTP relies on this field to link OTP data to their respective entries as it contains the respective main database's entry's UUID in hex format - PwUuid.ToHexString