YubiKey & Hardware Keys

Strongbox supports YubiKey protected databases (using the KeePassXC challenge-response mode). You can read more about how this whole process came together on Github here. To see which YubiKeys are supported on iOS, check out our article: Which YubiKey models are compatible with my iPhone or iPad...

Add a YubiKey as a Factor to an Existing Database

To add a YubiKey as a factor to an existing KeePass database, simply do the following: On iOS Unlock the existing database as normal Tap the Circle button in the top right corner Tap ‘Set Master Credentials’ Here you can completely set any or all the 3 possible factors: Password Key File YubiKe...

I’ve Lost My YubiKey

If you somehow lose your hardware YubiKey device which you’ve been using to protect your database, all is not lost... Ideally you should have a second YubiKey device programmed with the same secret but this isn't always the case. So long as you know the ‘secret’ that you programmed your device w...

Use a YubiKey With AutoFill on iOS

Unfortunately using a YubiKey in AutoFill mode on iOS is a little more difficult than it should be. This is mostly for technical reasons (Apple block NFC access in AutoFill extensions, and Yubico do not provide AutoFill extension compatible software libraries). However, it is possible to use a Y...

Which YubiKey models are compatible with my iPhone or iPad?

Supported YubiKey Devices The following is general advice, do not purchase an unsupported YubiKey. Supported YubiKey 5 NFC (iPhones only due to NFC) YubiKey 5C NFC (iPhones only due to NFC) YubiKey 5Ci (using Lightning) Unsupported YubiKey Security Key (HMAC-SHA1 Unavailable) YubiKey Bio (HMA...

My Virtual Hardware Key Doesn’t Work With AutoFill

If you are having trouble using a virtual hardware key in AutoFill mode it could be because: It is your first time using this database and you are using Face/Touch ID or PIN Code You are using the wrong Virtual Hardware Key The first time you use a Virtual Hardware Key in AutoFill you cannot als...

Create a Backup Yubikey

You can create multiple copies of your YubiKey using the instructions below. This can be useful so that you have a backup, in case the original YubiKey is lost. To do this: Program the first YubiKey for HMAC-SHA1 Challenge Response Make a record of the unique "secret" that is generated Program ...

Do I Still Need to Enter My Master Password If I'm Using a YubiKey?

To secure your database, you can use any of these three authentication factors: A master password A key file A YubiKey And you can use a combination of one, two, or all three of the above. For instance you could use: Only a master password A master password and a key file A master password, a k...

YubiKey Compatibility with KeeChallenge

Strongbox is NOT compatible with the KeeChallenge plugin. You cannot use a KeeChallenge protected database with Strongbox and you cannot use a YubiKey protected database created by Strongbox with the KeeChallenge plugin. Strongbox uses the KeePassXC paradigm for Challenge Response via YubiKey. T...

YubiKey Not Working / Not Visible on Mac

To make sure Strongbox can access your YubiKey over USB on Mac, you need to make sure Strongbox is enabled here: System Preferences –> Security & Privacy –> Privacy –> Input Monitoring You may need to restart your device or Strongbox for these changes to take effect.

"Unsupported or Configured on Key or Slot" Error Message When Using Yubikey

This can happen for a number of reasons, even if you have properly programmed your Key/Slot for HMACSHA1 Challenge Response. It could mean a faulty YubiKey device but first you should check the following setting using the "Yubikey Manager" tool. There is a setting to enable/disable specific func...

How do I delete a virtual hardware key?

On iOS Long Tap on your Database Choose "Manual Unlock" On the Unlock screen, under the Hardware Key section tap the Hardware Key you are currently using Under the Virtual Hardware Keys section Swipe Left to see the "Delete" option Tap Delete On macOS On the Lock Screen in the Hardware Key sect...