Specific characters and password managers
-
No, this is known as wish it was two factor.
Oh well, another Keepass entry I suppose
Situation: I have KeePass, where I have a wish it were 2 factor second password stored alongside my existing password. I don't log in to this site often enough that I'm going to remember the 6 digit code without putting in effort I'm not interested in expending. Auto type as far as I can see is only suitable for entering full passwords.
Is there any way to coax it (or some other password manager) into somehow detecting which specific characters are being asked for and entering those only? I imagine not, since each site would handle it differently, but even if there was some way of scripting it that I could set up for an individual site that would be a good start
-
@jaloopa
Can't you customize the AutoType strokes for that particular entry to be{USERNAME}{TAB}{PASSWORD}{TAB}123456{ENTER}
and be done with it? From your description the Pin number doesn't really require being hidden from shoulder-surfers, if you even open KeePass' tab where you customize the autotype strokes.
-
@jbert said in Specific characters and password managers:
@jaloopa Can't you customize the AutoType strokes for that particular entry to be
{USERNAME}{TAB}{PASSWORD}{TAB}123456{ENTER}
and be done with it? From your description the Pin number doesn't really require being hidden from shoulder-surfers, if you even open KeePass' tab where you customize the autotype strokes.The digits it wants are randomly selected. So if your PIN is
123456
, one login it might want1
and4
and another might want2
and6
.
-
@benjamin-hall said in Specific characters and password managers:
@jbert said in Specific characters and password managers:
@jaloopa Can't you customize the AutoType strokes for that particular entry to be
{USERNAME}{TAB}{PASSWORD}{TAB}123456{ENTER}
and be done with it? From your description the Pin number doesn't really require being hidden from shoulder-surfers, if you even open KeePass' tab where you customize the autotype strokes.The digits it wants are randomly selected. So if your PIN is
123456
, one login it might want1
and4
and another might want2
and6
.Exactly this:
I could write a userscript or something to parse out the text value of the label and insert the correctly insexed character of the Personal PIN Number, but that's a bit silly.
It just seems like such a common spanner to throw in the works for password manager users that you'd think someone would have at least made some attempt to work around it
-
@benjamin-hall Oh. So it's actually "give two factor a bad reputation"-authentication.
I've marked my answer as deleted.The password manager will either not be able to interact with the browser contents (they can only check the browser's title) or any browser extensions it has will not have the scripting requirements needed.
If you want to go through with it I would break out a userscript which listens to some specific event or hotkey and then detects the next few keypresses, chops it into separate digits and then tries to match up the necessary fields. Your password manager could then send
{USERNAME}{TAB}{PASSWORD}{TAB}%g123456{ENTER}
(the percent sign means Alt + next key in KeePass) to trigger the whole thing.
-
@jbert yeah, that's why it was called out as "wish it were two factor" authentication. Security is hard. Especially when morons are in charge of it.
-
Do you want there to be a standard for how to do this ridiculous excuse for a 2-factor authentication that password managers can handle easily and predictably?
They could at least do the same thing as every other wannabe 2-factor site out there and ask for your dog's grandmother's middle name or something.
-
@undergroundcode said in Specific characters and password managers:
They could at least do the same thing as every other wannabe 2-factor site out there and ask for your dog's grandmother's middle name or something
Yeah, there's another one like that that I have to access for work. That's much easier in that I can set three (yes, there are three "secret questions", all of which must be answered on every login) additional string fields and set auto type to enter them all.
@undergroundcode said in Specific characters and password managers:
Do you want there to be a standard for how to do this ridiculous excuse for a 2-factor authentication that password managers can handle easily and predictably?
Maybe I could fork KeePass and integrate Selenium scripting into it...
-
@jaloopa said in Specific characters and password managers:
Maybe I could fork KeePass and integrate Selenium scripting into it...
Beware--that way lies madness. Seems you've been staring into the abyss for a bit too long...
-
@jaloopa said in Specific characters and password managers:
Is there any way to coax it (or some other password manager) into somehow detecting which specific characters are being asked for and entering those only?
Yes. Set your password as the same digit six times in a row. That way no matter which two digits it asks for you enter the same response.
-
@da-doctah I bet they forbid that.
-
A partial solution
The {PICKCHARS} placeholder brings up a dialog to choose which characters to use from a password or specified field. I can't seem to work out how to get it to come up twice for the two required entries yet
-
Sorted
{PICKCHARS:wiw2f:ID=1, C=1}{TAB}{PICKCHARS:wiw2f:ID=2, C=1}{ENTER}
-
@jaloopa said in Specific characters and password managers:
I don't log in to this site often enough that I'm going to remember the 6 digit code without putting in effort I'm not interested in expending.
If you don't log into the site more than once a month or so, why not just do it manually? Sure it's a pain, but trying to automate it will take more of your net time, and likely fail anyway.
-
@blakeyrat That's why they outsourced to this forum.
-
@blakeyrat said in Specific characters and password managers:
Sure it's a pain, but trying to automate it will take more of your net time, and likely fail anyway.
I had a bit of down time while waiting for a meeting to start so got thinking about it.
I've now discovered a passable workaround that requires my input as far as clicking some numbers but is otherwise auto typed. Good enough for now
-
@jaloopa Eh more power to you.
-
@blakeyrat said in Specific characters and password managers:
If you don't log into the site more than once a month or so, why not just do it manually? Sure it's a pain, but trying to automate it will take more of your net time, and likely fail anyway.
I've tried automating things like that before. Usually goes like spend 2 hours getting it to work, figure that it took a while but it'll be worth it next time, then 2 months later when the next time to login comes, it's broken because the site changed something. Then spend another 2 hours fixing it, repeat indefinitely.
-
@undergroundcode said in Specific characters and password managers:
I've tried automating things like that before. Usually goes like spend 2 hours getting it to work, figure that it took a while but it'll be worth it next time,
-
@hardwaregeek I was thinking of that one, too. Thanks for posting it.
-
@jaloopa said in Specific characters and password managers:
It just seems like such a common spanner to throw in the works for password manager users that you'd think someone would have at least made some attempt to work around it
I've never seen this before, except in old-school game anti-piracy where you had to search the manual for specific words on specific pages.
-
@tsaukpaetra it seems to be a brainworm that's infected British banks in particular. It's ridiculous as it's a huge flashing sign that they don't hash the data
-
@jaloopa not necessarily, they might have stored a hash for each individual digit
-
@robo2 said in Specific characters and password managers:
@jaloopa not necessarily, they might have stored a hash for each individual digit
With the salt being the rest of the password. Genius!
-
@jaloopa said in Specific characters and password managers:
Maybe I could fork KeePass and integrate Selenium scripting into it...
New contest idea: password manager.
-
@boomzilla said in Specific characters and password managers:
@jaloopa said in Specific characters and password managers:
Maybe I could fork KeePass and integrate Selenium scripting into it...
New contest idea: password manager.
I'll just submit SSDS, if you don't mind...
-
@onyx
Just video tape all your password post-its and archive them in SSDS ... brillant!