Make KeePass recognize login field in Desktop application
I use KeePassXC as my password manager; my operating system is Linux Mint 20.2. Login fields in Firefox are automatically recognized. I can click on a small key symbol and both username and password are autofilled.
This does not happen when I log in to a Desktop application. For instance, I use Pidgin, and everytime I start the application, I have to go to KeePassXC, copy the password to the clipboard, and then paste it to the Pidgin prompt. (Notice that there is only a password box in Pidgin; the username does not have to be entered. Maybe this is another difficulty for KeePassXC?)
How can I configure KeePassXC or Pidgin so that KeePassXC recognizes the password field? (I will also appreciate a reference to an answer where the Desktop application was not Pidgin.)
Solution 1:
For applications outside web browser, you might want to use the "auto-type" functionality. I set it up thanks to KeePassXC documentation, but it works like the original KeePass auto-type, so their documentation was also a great help.
Basically, the principle is to rely not on URLs, like for a web browser, but on window title.
As far as I can imagine, using auto-typing would be more secure than copy-pasting or typing on keyboard, because :
- KeePassXC auto-type acts as a virtual keyboard. By using it, you stay in the secured frame established by KeePassXC
- You don't store your credentials in the clipboard, that is an unencrypted space accessible by all applications
- You're not at risk of having your credentials leaked by a keylogger or any keyboard listener
- You're not leaving something on the keyboard that might be used to retrieve your credentials (I've heard technics based on key usage, key temperature, user eyes tracking by a webcam... Not sure they all really work, but in the end, it means that typing on a keyboard is not that secure!)
Solution 2:
You can't. The reason that KeePassXC works in a browser is because it silently injects some Javascript in every page you load via a browser plugin. This allows the additional rendering of the little key symbol and the additional autofill functionality.
Desktop applications work in a fundamentally different way. They are compiled applications, in which no code can be injected without the application itself having some provision for it. There is no way for KeePassXC to interact with these applications in a standardized way. You might get lucky with applications based on a web framework like Electron, but for most desktop apps (including Pidgin), it's just not going to work.