KeePass + iOS + YubiKey = KeePassium
Good news, everyone!
KeePassium is the first KeePass app for iOS that supports YubiKey.
KeePassium adopts the challenge-response approach used by KeePassXC. Firstly, because their approach requires only the database itself — whereas KeeChallenge and OtpKeyProv rely on auxiliary files (which would complicate synchronization). Secondly, because KeePassXC is available on all major platforms as a native app.
For more details: How to use YubiKey with KeePassium/KeePassXC.
Requirements
YubiKey 5 NFC
- An NFC-capable device (iPhone 7 or later)
- iOS 13+
YubiKey 5Ci
- Any iOS device with a Lightning port
- iOS 11+
(The App Store release version of KeePassium does not yet support YubiKey 5Ci — this requires a special permission by Yubico and Apple.)
Update: YubiKey 5Ci is now fully supported.
Limitations
Unfortunately, the AutoFill part is not allowed to communicate with hardware. This limitation is set by the system. As a result, YubiKey-protected databases can only be unlocked in the main app. We are exploring a possible workaround for this nuisance.
iPad limitations
- iPad devices do not have NFC hardware and thus won’t work with NFC keys.
- iPad Pro devices with USB-C port are unfortunately not supported. (iPadOS has only limited support for USB accessories and cannot communicate with YubiKey in challenge-response mode.)
- iPad devices with the Lightning port are fully supported.