by rrebelo 3089 days ago
Funny, I am doing something like that now, but using a smartphone with a fingerprint reader, instead of a Pi, and sending the password through Bluetooth (adding USB might be a good idea, though). My problem with the Pi is that it is another bulky device to carry or lose, even the Pi Zero.

My implementation still has lots of security breaches and I don't want to publish something so fragile. I still need to implement fingerprint and time-based authentication. Therefore it still is vulnerable to MITM attacks.

As soon as I have something more robust I'll post it here.

Do you have more ideas to suggest?

1 comments

Since you're already using a phone for this, why not just use Keepass2Android USB Plugin [0], which emulates a keyboard and "types" the password? Requires Android, and probably a device with kernel modules for USB HID.

You won't have to worry about the security and integrity of your Bluetooth connection and the risk of an external sniffer -- but you'll have to consider if you trust the computer you're plugging it into.

0. https://github.com/whs/K2AUSBKeyboard/

I love and use KeePass on my PC, although not on Android. Will try it, thanks for the tip.

However, a problem I have with KeePass is that I can't get my wife to use it. It is too complicated for her. Even the idea of plugging the smartphone through USB is already a "no" for her. With Bluetooth she might not even need to take the phone out of her pocket.