Unfortunately using a YubiKey in AutoFill mode on iOS is a little more difficult than it should be. This is mostly for technical reasons (Apple block NFC access in AutoFill extensions, and Yubico do not provide AutoFill extension compatible software libraries).
However, it is possible to use a YubiKey protected database in AutoFill mode on iOS by using one of our two solutions:
Hardware Key Caching
This is probably the easiest & most streamlined method. You should be asked if you'd like to use hardware key caching when you first unlock your database, though you might have missed that. You can enable hardware key caching like this:
On iOS
- Unlock your Database
- Tap the Settings button (Gear icon)
- Tap Hardware Key (see screenshot)
- Enable Challenge Response Caching
Once enabled, you can use your database without the need for your YubiKey for the configured period of time. After which you will need to switch back to Strongbox and unlock your database using your physical hardware key device. During this period you can use AutoFill to both read and write your database.
Virtual Hardware Keys
Virtual Hardware Keys provide a more permanent solution, but require a little more setup. You can read more about virtual hardware keys and why they are needed for AutoFill mode here. Note that Virtual Hardware Keys are also now available on macOS and you might find them useful there, even if just for disaster recovery. Note also, you must know the secret you programmed your YubiKey with to create a virtual hardware key.
You can get started by creating a new virtual hardware key like this:
Creating a Virtual Hardware Key
- Tap your database to begin the unlock sequence.
- NB: If you are using a PIN Code, Touch ID or Face ID for unlocking then you will need to instead Long Tap on your database and choose Manual Unlock.
- Under the Hardware Key section, tap Configure... or tap your existing configuration if that was set.
- Under the Virtual Hardware Keys section, tap Add New...
- Enter a name for your new Virtual Hardware Key, e.g. "My AutoFill Virtual Hardware Key"
- Enter your HMAC-SHA1 secret without spaces in to the HMAC-SHA1 Secret field.
- You may or may not need to switch on the Fixed Length Input switch depending on how you originally programmed your YubiKey.
- Advanced Users Only: You can switch on the AutoFill Only switch if you want this key to be available only in AutoFill mode but we recommend that you test it out in regular mode first before switching to AutoFill only.
- Tap Add to complete the creation of your Virtual Hardware Key.
If you chose to make your key available to the main app as well as AutoFill (recommended) you can now immediately check if it works by selecting it in the Unlock screen. Otherwise, switch over to AutoFill mode and try it out.
NB: You can delete a Virtual Hardware Key by following these instructions.