sirandros / keepasswinhello Goto Github PK

When connected to the workstation via RDP, an error is shown when locking or unlocking the database with which KeePassWinHello is associated.

Steps to reproduce the behavior:

1. Connect via RDP to the workstation on which KeePass is installed and configured and functioning locally with the unlock capabilities of KeePassWinHello
2. Switch to KeePass
3. Attempt to unlock a database for which KeePassWinHello has stored credentials
4. See the error, "Something went wrong. Please report the issue [...] KeePassWinHello.AuthProviderSystemErrorException:
   NCryptOpenKey
   Error code: 80090010
   at KeePassWinHello.WinHelloProvider.SECURITY_STATUS.CheckStatus(String name, Int32 ignoreStatus)
   at [...] [See screen shot for the full error stack.]

Expected behavior
If Windows Hello can function within an RDP session, function just as it would outside of RDP. If it cannot, then just bypass KeePassWinHello and require the user to manually enter the full decryption passphrase and key as applicable.

Screenshot:
Something_Went_Wrong_NCryptOpenKey_80090010_KeePassWinHello

Desktop:

• OS Version: Microsoft Windows 10 Pro 10.0.18363 (1909) 64-bit
• KeePass Version: 2.43
• Plugin Version: 3.1.1
• Hardware info: Intel Core i7-8700k CPU, Asus ROG Strix Z390-E Gaming motherboard, 2 x 8 GB DDR4 RAM, AMD Radeon Vega 64 graphics

KeePass settings and enviroment:

• Is secure desktop enabled: no
• Is KeePass running under Administrator (in elevated process): no
• Installed plugins (if any): Only KeePassWinHello
• Any specific settings in KeePass/Plugin: Many settings have been customized in KeePass. In KeePassWinHello, selected are: Use quick unlock via Windows Hello [...], Revoke current key in case [...]; Store keys in the Windows Credential Manager; Saved keys get invalidated after 'week', Stored keys: 2

Additional context:
Outside of RDP, the lock and unlock functions of KeePassWinHello work as expected.

Cloning into 'C:\Users[USER]\Documents\GitHub\KeePassWinHello'...
remote: Enumerating objects: 84, done.
remote: Counting objects: 1% (1/84)
remote: Counting objects: 2% (2/84)
remote: Counting objects: 3% (3/84)
remote: Counting objects: 4% (4/84)
remote: Counting objects: 5% (5/84)
remote: Counting objects: 7% (6/84)
remote: Counting objects: 8% (7/84)
remote: Counting objects: 9% (8/84)
remote: Counting objects: 10% (9/84)
remote: Counting objects: 11% (10/84)
remote: Counting objects: 13% (11/84)
remote: Counting objects: 14% (12/84)
remote: Counting objects: 15% (13/84)
remote: Counting objects: 16% (14/84)
remote: Counting objects: 17% (15/84)
remote: Counting objects: 19% (16/84)
remote: Counting objects: 20% (17/84)
remote: Counting objects: 21% (18/84)
remote: Counting objects: 22% (19/84)
remote: Counting objects: 23% (20/84)
remote: Counting objects: 25% (21/84)
remote: Counting objects: 26% (22/84)
remote: Counting objects: 27% (23/84)
remote: Counting objects: 28% (24/84)
remote: Counting objects: 29% (25/84)
remote: Counting objects: 30% (26/84)
remote: Counting objects: 32% (27/84)
remote: Counting objects: 33% (28/84)
remote: Counting objects: 34% (29/84)
remote: Counting objects: 35% (30/84)
remote: Counting objects: 36% (31/84)
remote: Counting objects: 38% (32/84)
remote: Counting objects: 39% (33/84)
remote: Counting objects: 40% (34/84)
remote: Counting objects: 41% (35/84)
remote: Counting objects: 42% (36/84)
remote: Counting objects: 44% (37/84)
remote: Counting objects: 45% (38/84)
remote: Counting objects: 46% (39/84)
remote: Counting objects: 47% (40/84)
remote: Counting objects: 48% (41/84)
remote: Counting objects: 50% (42/84)
remote: Counting objects: 51% (43/84)
remote: Counting objects: 52% (44/84)
remote: Counting objects: 53% (45/84)
remote: Counting objects: 54% (46/84)
remote: Counting objects: 55% (47/84)
remote: Counting objects: 57% (48/84)
remote: Counting objects: 58% (49/84)
remote: Counting objects: 59% (50/84)
remote: Counting objects: 60% (51/84)
remote: Counting objects: 61% (52/84)
remote: Counting objects: 63% (53/84)
remote: Counting objects: 64% (54/84)
remote: Counting objects: 65% (55/84)
remote: Counting objects: 66% (56/84)
remote: Counting objects: 67% (57/84)
remote: Counting objects: 69% (58/84)
remote: Counting objects: 70% (59/84)
remote: Counting objects: 71% (60/84)
remote: Counting objects: 72% (61/84)
remote: Counting objects: 73% (62/84)
remote: Counting objects: 75% (63/84)
remote: Counting objects: 76% (64/84)
remote: Counting objects: 77% (65/84)
remote: Counting objects: 78% (66/84)
remote: Counting objects: 79% (67/84)
remote: Counting objects: 80% (68/84)
remote: Counting objects: 82% (69/84)
remote: Counting objects: 83% (70/84)
remote: Counting objects: 84% (71/84)
remote: Counting objects: 85% (72/84)
remote: Counting objects: 86% (73/84)
remote: Counting objects: 88% (74/84)
remote: Counting objects: 89% (75/84)
remote: Counting objects: 90% (76/84)
remote: Counting objects: 91% (77/84)
remote: Counting objects: 92% (78/84)
remote: Counting objects: 94% (79/84)
remote: Counting objects: 95% (80/84)
remote: Counting objects: 96% (81/84)
remote: Counting objects: 97% (82/84)
remote: Counting objects: 98% (83/84)
remote: Counting objects: 100% (84/84)
remote: Counting objects: 100% (84/84), done.
remote: Compressing objects: 1% (1/65)
remote: Compressing objects: 3% (2/65)
remote: Compressing objects: 4% (3/65)
remote: Compressing objects: 6% (4/65)
remote: Compressing objects: 7% (5/65)
remote: Compressing objects: 9% (6/65)
remote: Compressing objects: 10% (7/65)
remote: Compressing objects: 12% (8/65)
remote: Compressing objects: 13% (9/65)
remote: Compressing objects: 15% (10/65)
remote: Compressing objects: 16% (11/65)
remote: Compressing objects: 18% (12/65)
remote: Compressing objects: 20% (13/65)
remote: Compressing objects: 21% (14/65)
remote: Compressing objects: 23% (15/65)
remote: Compressing objects: 24% (16/65)
remote: Compressing objects: 26% (17/65)
remote: Compressing objects: 27% (18/65)
remote: Compressing objects: 29% (19/65)
remote: Compressing objects: 30% (20/65)
remote: Compressing objects: 32% (21/65)
remote: Compressing objects: 33% (22/65)
remote: Compressing objects: 35% (23/65)
remote: Compressing objects: 36% (24/65)
remote: Compressing objects: 38% (25/65)
remote: Compressing objects: 40% (26/65)
remote: Compressing objects: 41% (27/65)
remote: Compressing objects: 43% (28/65)
remote: Compressing objects: 44% (29/65)
remote: Compressing objects: 46% (30/65)
remote: Compressing objects: 47% (31/65)
remote: Compressing objects: 49% (32/65)
remote: Compressing objects: 50% (33/65)
remote: Compressing objects: 52% (34/65)
remote: Compressing objects: 53% (35/65)
remote: Compressing objects: 55% (36/65)
remote: Compressing objects: 56% (37/65)
remote: Compressing objects: 58% (38/65)
remote: Compressing objects: 60% (39/65)
remote: Compressing objects: 61% (40/65)
remote: Compressing objects: 63% (41/65)
remote: Compressing objects: 64% (42/65)
remote: Compressing objects: 66% (43/65)
remote: Compressing objects: 67% (44/65)
remote: Compressing objects: 69% (45/65)
remote: Compressing objects: 70% (46/65)
remote: Compressing objects: 72% (47/65)
remote: Compressing objects: 73% (48/65)
remote: Compressing objects: 75% (49/65)
remote: Compressing objects: 76% (50/65)
remote: Compressing objects: 78% (51/65)
remote: Compressing objects: 80% (52/65)
remote: Compressing objects: 81% (53/65)
remote: Compressing objects: 83% (54/65)
remote: Compressing objects: 84% (55/65)
remote: Compressing objects: 86% (56/65)
remote: Compressing objects: 87% (57/65)
remote: Compressing objects: 89% (58/65)
remote: Compressing objects: 90% (59/65)
remote: Compressing objects: 92% (60/65)
remote: Compressing objects: 93% (61/65)
remote: Compressing objects: 95% (62/65)
remote: Compressing objects: 96% (63/65)
remote: Compressing objects: 98% (64/65)
remote: Compressing objects: 100% (65/65)
remote: Compressing objects: 100% (65/65), done.
remote: Total 84 (delta 32), reused 66 (delta 17), pack-reused 0
2 [main] sh (8636) C:\Users[USER]\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\usr\bin\sh.exe: *** fatal error - cygheap base mismatch detected - 0xF78410/0xF68410.
This problem is probably due to using incompatible versions of the cygwin DLL.
Search for cygwin1.dll using the Windows Start->Find/Search facility
and delete all but the most recent version. The most recent version should
reside in x:\cygwin\bin, where 'x' is the drive on which you have
installed the cygwin distribution. Rebooting is also suggested if you
are unable to find another cygwin DLL.
0 [main] sh 21012 fork: child -1 - forked process 8636 died unexpectedly, retry 0, exit code 0xC0000142, errno 11
C:\Users[USER]\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\mingw64\libexec\git-core\git-submodule: fork: retry: Resource temporarily unavailable
2 [main] sh (21656) C:\Users[USER]\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\usr\bin\sh.exe: *** fatal error - cygheap base mismatch detected - 0xF78410/0xFA8410.
This problem is probably due to using incompatible versions of the cygwin DLL.
Search for cygwin1.dll using the Windows Start->Find/Search facility
and delete all but the most recent version. The most recent version should
reside in x:\cygwin\bin, where 'x' is the drive on which you have
installed the cygwin distribution. Rebooting is also suggested if you
are unable to find another cygwin DLL.
1051201 [main] sh 21012 fork: child -1 - forked process 21656 died unexpectedly, retry 0, exit code 0xC0000142, errno 11
C:\Users[USER]\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\mingw64\libexec\git-core\git-submodule: fork: retry: Resource temporarily unavailable
2 [main] sh (2020) C:\Users[USER]\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\usr\bin\sh.exe: *** fatal error - cygheap base mismatch detected - 0xF78410/0xE68410.
This problem is probably due to using incompatible versions of the cygwin DLL.
Search for cygwin1.dll using the Windows Start->Find/Search facility
and delete all but the most recent version. The most recent version should
reside in x:\cygwin\bin, where 'x' is the drive on which you have
installed the cygwin distribution. Rebooting is also suggested if you
are unable to find another cygwin DLL.
3105155 [main] sh 21012 fork: child -1 - forked process 2020 died unexpectedly, retry 0, exit code 0xC0000142, errno 11
C:\Users[USER]\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\mingw64\libexec\git-core\git-submodule: fork: retry: Resource temporarily unavailable
8 [main] sh (8096) C:\Users[USER]\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\usr\bin\sh.exe: *** fatal error - cygheap base mismatch detected - 0xF78410/0xEE8410.
This problem is probably due to using incompatible versions of the cygwin DLL.
Search for cygwin1.dll using the Windows Start->Find/Search facility
and delete all but the most recent version. The most recent version should
reside in x:\cygwin\bin, where 'x' is the drive on which you have
installed the cygwin distribution. Rebooting is also suggested if you
are unable to find another cygwin DLL.
7193082 [main] sh 21012 fork: child -1 - forked process 8096 died unexpectedly, retry 0, exit code 0xC0000142, errno 11
C:\Users[USER]\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\mingw64\libexec\git-core\git-submodule: fork: retry: Resource temporarily unavailable
8 [main] sh (20632) C:\Users[USER]\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\usr\bin\sh.exe: *** fatal error - cygheap base mismatch detected - 0xF78410/0xE58410.
This problem is probably due to using incompatible versions of the cygwin DLL.
Search for cygwin1.dll using the Windows Start->Find/Search facility
and delete all but the most recent version. The most recent version should
reside in x:\cygwin\bin, where 'x' is the drive on which you have
installed the cygwin distribution. Rebooting is also suggested if you
are unable to find another cygwin DLL.
15275823 [main] sh 21012 fork: child -1 - forked process 20632 died unexpectedly, retry 0, exit code 0xC0000142, errno 11
C:\Users[USER]\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\mingw64\libexec\git-core\git-submodule: fork: Resource temporarily unavailable

Hi,
first thanks for your good AddOn for keepass!!
I use the Win Hello AddOn and would like to have the feature, that I can set my preferred setting for Windows Hello Login of my keepass database.
It's always fingerprint which was selected. My preferred one is with the face recognition.
It will be nice when the last used method is the standard one for the next unlock of the database or there is a setting where I can define which one is my perferred one.
It would be nice if you can implement this.
Best regards Bernd

Hey @sirAndros,

You are using an undocumented function from Microsoft's Passport API here:

What does this function do? Is it possible to create a new key specifically for the app instead of using the user's default key?

On a PC with Windows 10 Pro R1809 with latest updates, I added KeePassWinHello 2.1 to KeePass 2.41 plugins folder, and launched KeePass. Upon login with Master Password, and opening WindowsHello tab in Options, the tab error says "Windows Hello is disabled on your system". But it's actually enabled and working, I login to the PC with fingerprint login.

First of all, thanks for making this awesome plugin that essentially made me finally switch to Keepass. It seems to work better than other key provider plugins as this doesn't seem to work as a key provider, as such I can still have programmatic access to the DB with the standard set of keys.

Onto the point...

Describe the bug
This seems to be a small bug with the handling of the Windows Hello dialog. When Keepass is minimised or in tray and an unlock is attempted (either via the context menu or through another plugin requesting an unlock), the form appears at what top left corner of the screen.

This makes sense as there is no parent window to center upon, it would be much better if the form could be displayed in the middle of the screen or perhaps at the last position (the position could be saved in memory).

Would this be easy to solve? I can try taking a look at the code myself though it will probably take me some time to setup the environment to compile the plugin.

Expected behavior
The window appears at the center of the screen when main keepass window is not visible.

Desktop (please complete the following information):

• Windows 10 x86 1909
• KeePass Version 2.44
• Plugin Version 3.1.1.0
• Hardware info Screen resolution = 4k

KeePass settings and enviroment

• Is secure desktop enabled = no
• Is KeePass running under Administrator (in elevated process) = no
• Installed plugins (if any) KeePassOtp, KeeAgent (this triggers winhello when key is needed)

Thanks!

Having the Keepass password prompt set to appear on a secure desktop prevents the Hello prompt from being there to interact with (because it's on the normal desktop). I don't know if that is something that can be worked around, but in that case it should be documented (maybe even automatically checked).

Software versions: Win 10 1809, KPWH 2.0, KeePass 2.40

The Plugin never checks if the persistent key has been changed and continues to use it even if it is not a secure one.

I wrote all the details of this issue in my private project due to the sensitivity of information. @sirAndros and @shuffle-c are added as collaborators.

I use multiple keepass databases. One is my personal database, the master db. The other databases are for work, and for one that I share with my signifigant other.

I use KeeAutoOpen to easily open all three databases by opening the master db. The issue I'm running into is that when I attempt to use autotype while all my databases are locked, KeePassWinHello only opens on of the secondary databases (not sure how the database is chosen exactly, some times it's one sometimes it's the other), requiring me to open the application, select my primary db, and then WinHello auth into that, allowing all databases to become unlocked

I think the best way to handle this would be able to mark a database as not WinHello openable, or have a way to tell WinHello which db should be the primary attempt

Firstly - thanks for the plugin! I've just stumbled across it but its a feature I've been missing for years!

I use two plugins that trigger keepass db unlock automatically, and they both cause an issue when KeePassWinHello is in use, and 'Enter master key on secure desktop' is enabled in keepass.

When manually invoking Keepass, KeePassWinHello operates as expected and I'm able to unlock my keepass db successfully.

When the unlock is triggered by either of these plugins, duplicate win hello dialogs appear. Sometimes the order of their appearance is reversed, sometimes, the second only appears after the first is dismissed, but consistently only one of them will actually recognise my biometric and present an 'OK button'. The other dialog only shows a cancel button.

Sometimes (AFAICT, when the 'OK button enabled' dialog is behind the dialog with only a cancel button), I'm also not able to dismiss the non functional dialog at all, and what looks like a constantly rapidly spawning/disappearing window related to keepass is shown in the task bar and keepass becomes unusable (I have to manually kill the keepass process and relaunch it)

When I disable 'Enter master key on secure desktop', the problem disappears and things behave as expected. The general problem to be reliably reproducible, though the order and exact behaviour does appear variable.

The plugins I'm using that are both triggering this are :

• ChromeIPass in Chrome (which leverages keepassHTTP plugin)
• Keeagent (for accessing ssh keys in keepass)

To Reproduce
Steps to reproduce the behavior:

1. Enable 'Enter master key on secure desktop', and install / config keepasshttp + chromeipass, or keeagent.
2. With keepass started + locked, trigger db access (for instance, use the Ctrl-Shift-U to autotype user/pass into detected cred fields in chrome)
3. Observe above behaviour.

Expected behavior
No duplicate dialog. No flashing

Screenshots
(Moved dialogs side by side manually)

Desktop (please complete the following information):

• Win 10 17134.706
• KeePass Version 2.41
• Hardware info : Surface Laptop 2

Describe the bug

When KeePass locking comes the following error.

Screenshots

KeePassWinHello

Something went wrong. Please report the issue in our Github repository with the following technical info.

KeePassWinHello.EnviromentErrorException: CredWrite
Error code: 8

bei KeePassWinHello.BOOL.ThrowOnError(String debugInfo, Int32[] ignoredErrors)

bei KeePassWinHello.KeyWindowsStorage.AddOrUpdate(String dbPath, ProtectedKey protectedKey)

bei KeePassWinHello.KeyManager.OnDBClosing(Object sender, FileClosingEventArgs e)

OK

Desktop (please complete the following information):

• Windows 10 Pro 20H2 Build 19042.964
• KeePass Version 2.47 (64-bit)
• Plugin Version 3.1.1
• Hardware info

I upgraded to KeePassWinHello 2.1 to use the secure desktop feature.

After upgrading I am facing two problems:

1. My Database is loaded from a webdav url without stored credentials (only username is stored).
   I have to enter the webdav password before database unlock. This dialog is triggered two times using the new version. After that die WinHello-Dialog popups.
2. After succesful unlock the auto type dialog is missing.
   The database is unlocked using the hotkey for auto type. After the problem above the autotype dialog does not appear.

After disabling secure desktop it worked again.

My W10 PC went to sleep. When I woke it back up, the following error message was on the screen:

Keepass had locked, and when I brought it up from the system tray the WinHello plugin allowed me to reauthenticate using my W10 PIN as though nothing had happened.

I appreciate this plugin, so thank you! First time I've ever encountered an issue with it.

I had the following error when Microsoft Edge requested the opening of my KeePass database through KeePassHttp (This issue never happened before on either of my two pc's)

I have the following plugins enabled

Desktop

• Windows 10 Pro 2004 64 bit

• KeePass 2.45

First, thanks for your work on this.

On our Lenovo ThinkPad machines, Windows Hello "Add a fingerprint" works fine and we use it reliably to unlock the desktop screen. So i do not believe there is a problem with HELLO per se.

However, WinHello would only prompt for a fingerprint to unlock KeePass about one time out twenty. When it does let me use my fingerprint and move on with life unencumbered, the joy is indescribable. What can i do to troubleshoot?

We should alert users to store password somewhere else/generate recovery sheets while using quick unlock.

Describe the bug
After locking the database, the Windows Hello prompt launches in the background behind the Keepass window. The prompt says "Select OK to continue" but neither the OK or Cancel buttons are clickable. The only way forward is to end task on Keepass.

Desktop (please complete the following information):

• Windows 10 2016 LTSB
• KeePass 2.42.1
• KeePassWinHello 2.2.0

Describe the bug
Windows Hello prompt shown outside of secure desktop, even though secure desktop was actually oppened by keepass but promptly closed and taken to normal desktop to show windows hello prompt.

To Reproduce
Steps to reproduce the behavior:

1. Set keepass to 'enter master key on secure desktop'
2. Unlock database
3. Secure desktop sounds appear, and secure desktop's black screen flashes promptly before Windows hello prompt is shown.

Expected behavior
Windows hello prompt should be shown inside secure desktop (just like UAC behaviour).

Screenshot

Desktop (please complete the following information):

• OS Version 1809 build 17763.805
• KeePass 2.39.1
• Plugin 3.1.1.0

KeePass settings and enviroment

• Secure desktop enabled
• KeePass running not under Administrator (in normal process)
• Installed plugins: keeanywhere, keepassquickunlock (currently unused), keepassrpc (for firefox extension Kee)

I got installaion error saying 👍
2 [main] sh (11284) C:\Users\xx\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\usr\bin\sh.exe: *** fatal error - cygheap base mismatch detected - 0xF68410/0xED8410.
This problem is probably due to using incompatible versions of the cygwin DLL.
Search for cygwin1.dll using the Windows Start->Find/Search facility
and delete all but the most recent version. The most recent version should
reside in x:\cygwin\bin, where 'x' is the drive on which you have
installed the cygwin distribution. Rebooting is also suggested if you
are unable to find another cygwin DLL.
0 [main] sh 14756 fork: child -1 - forked process 11284 died unexpectedly, retry 0, exit code 0xC0000142, errno 11
C:\Users\xx\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\mingw64\libexec\git-core\git-submodule: fork: retry: Resource temporarily unavailable
2 [main] sh (19600) C:\Users\xx\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\usr\bin\sh.exe: *** fatal error - cygheap base mismatch detected - 0xF68410/0xF48410.
This problem is probably due to using incompatible versions of the cygwin DLL.
Search for cygwin1.dll using the Windows Start->Find/Search facility
and delete all but the most recent version. The most recent version should
reside in x:\cygwin\bin, where 'x' is the drive on which you have
installed the cygwin distribution. Rebooting is also suggested if you
are unable to find another cygwin DLL.
1041165 [main] sh 14756 fork: child -1 - forked process 19600 died unexpectedly, retry 0, exit code 0xC0000142, errno 11
C:\Users\xx\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\mingw64\libexec\git-core\git-submodule: fork: retry: Resource temporarily unavailable
2 [main] sh (8744) C:\Users\xx\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\usr\bin\sh.exe: *** fatal error - cygheap base mismatch detected - 0xF68410/0xF88410.
This problem is probably due to using incompatible versions of the cygwin DLL.
Search for cygwin1.dll using the Windows Start->Find/Search facility
and delete all but the most recent version. The most recent version should
reside in x:\cygwin\bin, where 'x' is the drive on which you have
installed the cygwin distribution. Rebooting is also suggested if you
are unable to find another cygwin DLL.
3090036 [main] sh 14756 fork: child -1 - forked process 8744 died unexpectedly, retry 0, exit code 0xC0000142, errno 11
C:\Users\xx\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\mingw64\libexec\git-core\git-submodule: fork: retry: Resource temporarily unavailable
5 [main] sh (16776) C:\Users\xx\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\usr\bin\sh.exe: *** fatal error - cygheap base mismatch detected - 0xF68410/0xDA8410.
This problem is probably due to using incompatible versions of the cygwin DLL.
Search for cygwin1.dll using the Windows Start->Find/Search facility
and delete all but the most recent version. The most recent version should
reside in x:\cygwin\bin, where 'x' is the drive on which you have
installed the cygwin distribution. Rebooting is also suggested if you
are unable to find another cygwin DLL.
7160799 [main] sh 14756 fork: child -1 - forked process 16776 died unexpectedly, retry 0, exit code 0xC0000142, errno 11
C:\Users\xx\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\mingw64\libexec\git-core\git-submodule: fork: retry: Resource temporarily unavailable
8 [main] sh (17816) C:\Users\xx\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\usr\bin\sh.exe: *** fatal error - cygheap base mismatch detected - 0xF68410/0xE58410.
This problem is probably due to using incompatible versions of the cygwin DLL.
Search for cygwin1.dll using the Windows Start->Find/Search facility
and delete all but the most recent version. The most recent version should
reside in x:\cygwin\bin, where 'x' is the drive on which you have
installed the cygwin distribution. Rebooting is also suggested if you
are unable to find another cygwin DLL.
15238499 [main] sh 14756 fork: child -1 - forked process 17816 died unexpectedly, retry 0, exit code 0xC0000142, errno 11
C:\Users\xx\AppData\Local\GitHubDesktop\app-1.4.0\resources\app\git\mingw64\libexec\git-core\git-submodule: fork: Resource temporarily unavailable

When calling keepass to front, its window will come up in foreground but the windows from Windows Hello requiring the fingerprint does not come with it but instead opens up in background. This is inneficient as one must first switch to the Hello Windows in order tounlock the DB. Ideal Scenario would be windows Hello comes to foreground along with keepass window

Is your feature request related to a problem? Please describe.
I use a key file as a part of the master password. If the WindowsHello timeout expired or keepass is restarted, the last used keyfile path is overridden with the WindowsHello key provider.

Describe the solution you'd like
It would be nice if the association to the last key file could be restored after timeout or restart.

Describe alternatives you've considered
I tried multiple config hacks (e.g. enforcement) to restore the key file path, but nothing worked.

Additional context
Kudos for this great plugin. It makes the usage of KeePass really smooth.

Has anyone managed to get the ThermalTake TTeSports FP biometric mouse to work with KeePassWinHello plugin? My desktop belongs to a tightened down domain, so not a great test env. KeePassWinHello generally works with our Lenovo ThinkPads, but it is hit and miss (different issue).

Tt eSPORTS MO-BKV-WDLGBK-01 BLACK FP Biometric Laser Gaming Mouse

"Windows Hello is disabled on your system. Please activate it in the system settings"

With the late July ThermalTake "Security Center", i can now use this mouse to logon to Windows, but Windows Hello functionality is lacking. For instance, adding a fingerprint in the Win10 "Sign-in Options" screen is disabled for normal users. For admin users, a popup disappears quickly. None of these ThermalTake issues are @sirAndros problem, but wondering if other users have had any luck with it on their system.

KeePassWinHello incompatible with KeePass 2.45. Will not load the plug-in. Can we get a new build to fix? Thanks.

The plugin does not show up in KeePass's plugin list, neither does the the config tab appear.
KeePassWinHelloPlugin.plgx is within the plugin folder.

To reproduce:
choco install keepass keepass-plugin-winhello -Y

Describe the bug
Exception after unlock using Windows Hello

To Reproduce
Steps to reproduce the behavior:

1. Windows Hello unlock prompt was displayed
2. Initially it was asking to unlock using my fingerprint reader, so selected face unlock
3. After the Windows Hello unlock popup was closed, the exception was displayed

Expected behavior
Unlock was successful.

Screenshots

Desktop

• Windows 10 Pro 1903 64-bit
• KeePass Version: 2.43
• Hardware info: Lenovo P50 with Intel Xeon, 64 GB RAM

Would be great to have the option to install with winget as well.

Hello,

first of all, thank you for the great plugin you have provided.
I am encountering the following situation. After restarting Keepass, and having already enabled the plugin to use the windows credentials store I am able to open the DB not only using windows hello fingerprint recognition but also with a PIN (through more choices). This means that a confidential DB can be opened with 4 digits.

I would like to be able to open the DB only with windows, hello, and not to provide other choices for accessing the DB.

For sure an option would be to deactivate the PIN and use a strong password a secondary option for signing in, but I would like to be able to sign in on windows using the options:

1. windows hello
2. PIN
3. password

Thank you in advance!

Kind Regards
Ioannis

Describe the bug
Password database is corrupted when opened in third party tools like KyPass

To Reproduce
Steps to reproduce the behavior:

• Install KeePassWinHello plugin
• Open password file
• Save file
• Try to open file in KyPass (iOS)
• KyPass says "Master password incorrect" and does not work anymore. Not even saving to a new file works

Expected behavior
I'd expect I'd be able to continue using the password db on my iPhone

Desktop (please complete the following information):

• Windows 10, 1809
• KeePass 2.41
• Should be irrelevant

Additional context
Add any other context about the problem here.

Hello. I love your plugin. I have been waiting for this for years. How can I donate a cup of coffee?

Version 2.1 shows up as 2.0.0.0 on plugin list.

To Reproduce
Steps to reproduce the behavior:

1. Go to Tools > Plugins

Expected behavior
Version 2.1.0.0 is listed

Desktop (please complete the following information):

• Win 10 Pro
• KeePass Version 2.41

hi
do you plan to enhance KeePassWinHello, so it can be used as first login to the keepass database?
This would be a great enhancement and will make Keepass used by many more people, which today use browser password managers for convenience.

I would also make a donation to such an enhancement

I am not sure, if a plugin can handle #2, #3.

3 Desktops setup: left, middle:primary, right

1. CTRL+ALT+A triggers the Hello dialog, but it appears on the left-desktop. Never the currently used one (window focus, cursor). // Using the normal unlock, it centers on top of the KeePass window

2. the KeePass AutoFill window opens but drops below the current window.

3. does not lock again after autofilling. I have to click the tray icon, and then lock the db again.

Should:

• open on current window
• should have the autofill selection window on top
• should lock the DB again after autofilling.

I'm not sure if this is possible but it would be good to have the option to remove the ability to sign in with the windows pin instead of biometric data. Windows pin is probably less secure than the keepass password

I had a Remote Desktop Connection open towards a Windows 10 machine on which Keepass with KeePassWinHello was running but not in active use. The remote machine uses WinHello for login. Suddenly, the attached message came up (on the remote machine), with the request to report it on github:

Sorry, I had no time or occasion to investigate this further.

Side note: I don't know if it is a system limitation, but I was forced to attach a screenshot because the pop-up message does not allow to select the error description text to copy/paste.

It is possible to add an option that i can unlock my keypass DB at first time directly with hello fingerprint?

Bug Description:
When you reset PIN or your company changes some (don't know which exactly) settings, our key has been deleted from cred. storage which leads to errors on locking and unlocking DB

To Reproduce
Steps to reproduce the behavior:

1. Reset PIN
2. Try to unlock DB
3. See error 8009000D
4. Lock DB
5. See error 8009000D

Screenshots

Environment :

• OS Version: 10.0.19041.0
• KeePass Version : 2.45
• Plugin Version: 3.1.1

KeePass settings:

• Is secure desktop enabled: yes
• Is KeePass running under Administrator (in elevated process): no

Describe the bug
When an unlock is attempted using a Windows Hello camera that is in use by another application (in this case, Zoom), the other application is frozen/crashes. When some other applications are using the camera, KeePassWinHello reports that the camera is in use.

To Reproduce
Steps to reproduce the behavior:

1. Unlock KeePass
2. Lock KeePass
3. Open Zoom, start video in call
4. Attempt to unlock KeePass with KeePassWinHello via camera
5. Unlock successful
6. Video in Zoom freezes but audio works
7. After ~1 minute, Zoom crashes

Expected behavior
At step 4, Windows Hello should report that the camera is in use, ask for another login method.

Desktop (please complete the following information):

• Windows 10 20H2
• KeePass Version 2.46
• Plugin Version 3.1.1.0
• Hardware info: HP Elitebook x360 1030 G2 built-in webcam

KeePass settings and environment

• Is secure desktop enabled No
• Is KeePass running under Administrator (in elevated process) No
• Installed plugins (if any)
  
• Any specific settings in KeePass/Plugin

Describe the bug
choco fails running some scripts while trying Upgrade keepass-plugin-winhello from 3.0 => 3.1.1
To Reproduce
Steps to reproduce the behavior:

1. Go to shell
2. enter: cup keepass-plugin-winhello

Expected behavior
plgx file replaced with new one while upgrading.
But "C:\Program Files (x86)\KeePass Password Safe 2\Plugins\KeePassWinHelloPlugin.plgx" stays at Version 3.0.0

Desktop (please complete the following information):

• OS Version Win10
• KeePass Version 2.43

Additional context
Path is default:
"C:\Program Files (x86)\KeePass Password Safe 2\Plugins\KeePassWinHelloPlugin.plgx"

Upgrading the following packages:
keepass-plugin-winhello
By upgrading you accept licenses for the packages.

You have keepass-plugin-winhello v3.0 installed. Version 3.1.1 is available based on your source(s).
[NuGet] Attempting to resolve dependency 'keepass (≥ 2.33 && < 3.0)'.
[NuGet] Attempting to resolve dependency 'keepass.install (≥ 2.43)'.
[NuGet] Uninstalling 'keepass-plugin-winhello 3.0'.
[NuGet] Successfully uninstalled 'keepass-plugin-winhello 3.0'.
[NuGet] Installing 'keepass-plugin-winhello 3.1.1'.
[NuGet] Successfully installed 'keepass-plugin-winhello 3.1.1'.

keepass-plugin-winhello v3.1.1 [Approved]
keepass-plugin-winhello package files upgrade completed. Performing other installation steps.
 Get-ItemProperty : Specified cast is not valid.
 At C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1:14 char:12
 + $regPath = Get-ItemProperty -Path @('HKLM:\Software\Wow6432Node\Micro ...
 +            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     + CategoryInfo          : NotSpecified: (:) [Get-ItemProperty], InvalidCastException
     + FullyQualifiedErrorId : System.InvalidCastException,Microsoft.PowerShell.Commands.GetItemPropertyCommand
 Get-BinRoot is going to be deprecated in v1 and removed in v2. It has been replaced with Get-ToolsLocation (starting with v0.9.10), however many packages no longer require a special separate directory since package folders no longer have versions on them. Some do though and should continue to use Get-ToolsLocation.
 Get-ChildItem : Cannot find path 'C:\Program Files (x86)\Chocolatey GUI\-ErrorAction' because it does not exist.
 At C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1:4 char:33
 +     function Get-ChildItemDir {{ Get-ChildItem -Directory $args }}
 +                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     + CategoryInfo          : ObjectNotFound: (C:\Program File...UI\-ErrorAction:String) [Get-ChildItem], ItemNotFound 
    Exception
     + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand
 Get-ChildItem : Cannot find path 'C:\Program Files (x86)\Chocolatey GUI\SilentlyContinue' because it does not exist.
 At C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1:4 char:33
 +     function Get-ChildItemDir {{ Get-ChildItem -Directory $args }}
 +                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     + CategoryInfo          : ObjectNotFound: (C:\Program File...ilentlyContinue:String) [Get-ChildItem], ItemNotFound 
    Exception
     + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand
 Exception calling "GetDirectoryName" with "1" argument(s): "The path is not of a legal form."
 At C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1:32 char:9
 +         $installPath = [io.path]::GetDirectoryName($installFullName)
 +         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
     + FullyQualifiedErrorId : ArgumentException
 WARNING: KeePass Password Safe not found.
 ScriptHalted
 In C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1:37 Zeichen:5
 +     throw
 +     ~~~~~
     + CategoryInfo          : OperationStopped: (:) [], RuntimeException
     + FullyQualifiedErrorId : ScriptHalted
The upgrade of keepass-plugin-winhello was NOT successful.
Error while running 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1'.
 See log for details.

Chocolatey upgraded 0/1 packages. 1 packages failed.
 See the log for details (C:\ProgramData\chocolatey\logs\chocolatey.log).

Failures
 - keepass-plugin-winhello (exited 1) - Error while running 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1'.
 See log for details.

Content of: C:\ProgramData\chocolatey\logs\chocolatey.log

 [DEBUG] - Using 'https://chocolatey.org/api/v2/'.
 [DEBUG] - - Supports prereleases? 'True'.
 [DEBUG] - - Is ServiceBased? 'True'.
 [DEBUG] - Package 'keepass-plugin-winhello' found on source 'https://chocolatey.org/api/v2/'
 [WARN ] - 
You have keepass-plugin-winhello v3.0 installed. Version 3.1.1 is available based on your source(s).
 [DEBUG] - Backing up existing keepass-plugin-winhello prior to operation.
 [DEBUG] - Moving 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello'
 to 'C:\ProgramData\chocolatey\lib-bkp\keepass-plugin-winhello'
 [DEBUG] - Attempting to create directory "C:\ProgramData\chocolatey\lib\keepass-plugin-winhello".
 [DEBUG] - Attempting to copy "C:\ProgramData\chocolatey\lib-bkp\keepass-plugin-winhello\keepass-plugin-winhello.nupkg"
 to "C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\keepass-plugin-winhello.nupkg".
 [DEBUG] - Attempting to copy "C:\ProgramData\chocolatey\lib-bkp\keepass-plugin-winhello\keepass-plugin-winhello.nuspec"
 to "C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\keepass-plugin-winhello.nuspec".
 [DEBUG] - Attempting to create directory "C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\plugin".
 [DEBUG] - Attempting to copy "C:\ProgramData\chocolatey\lib-bkp\keepass-plugin-winhello\plugin\KeePassWinHelloPlugin.plgx"
 to "C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\plugin\KeePassWinHelloPlugin.plgx".
 [DEBUG] - Attempting to create directory "C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools".
 [DEBUG] - Attempting to copy "C:\ProgramData\chocolatey\lib-bkp\keepass-plugin-winhello\tools\ChocolateyInstall.ps1"
 to "C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1".
 [DEBUG] - Attempting to copy "C:\ProgramData\chocolatey\lib-bkp\keepass-plugin-winhello\tools\ChocolateyUninstall.ps1"
 to "C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyUninstall.ps1".
 [DEBUG] - Deleting file C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1
 [DEBUG] - Attempting to delete file "C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1".
 [DEBUG] - Deleting file C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyUninstall.ps1
 [DEBUG] - Attempting to delete file "C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyUninstall.ps1".
 [DEBUG] - Capturing package files in 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello'
 [DEBUG] -  Found 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\keepass-plugin-winhello.nupkg'
  with checksum '703214B4A7C3F2B85FDF1E353C42A7CB'
 [DEBUG] -  Found 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\keepass-plugin-winhello.nuspec'
  with checksum '3BB499B1B0D9659EC113438775EBDCC6'
 [DEBUG] -  Found 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\plugin\KeePassWinHelloPlugin.plgx'
  with checksum '93AB953E49A6EB69114E4FE9CB0EACF2'
 [INFO ] - [NuGet] Attempting to resolve dependency 'keepass (= 2.33 && < 3.0)'.
 [INFO ] - [NuGet] Attempting to resolve dependency 'keepass.install (= 2.43)'.
 [INFO ] - [NuGet] Uninstalling 'keepass-plugin-winhello 3.0'.
 [DEBUG] - [NuGet] Removed file 'KeePassWinHelloPlugin.plgx' to folder 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\plugin'.
 [DEBUG] - [NuGet] Removed folder 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\plugin'.
 [DEBUG] - [NuGet] Removed folder 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools'.
 [DEBUG] - [NuGet] Removed file 'keepass-plugin-winhello.nuspec' to folder 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello'.
 [DEBUG] - [NuGet] Removed file 'keepass-plugin-winhello.nupkg' to folder 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello'.
 [DEBUG] - [NuGet] Removed folder 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello'.
 [INFO ] - [NuGet] Successfully uninstalled 'keepass-plugin-winhello 3.0'.
 [INFO ] - [NuGet] Installing 'keepass-plugin-winhello 3.1.1'.
 [DEBUG] - [NuGet] Added file 'KeePassWinHelloPlugin.plgx' to folder 'keepass-plugin-winhello\plugin'.
 [DEBUG] - [NuGet] Added file 'ChocolateyInstall.ps1' to folder 'keepass-plugin-winhello\tools'.
 [DEBUG] - [NuGet] Added file 'ChocolateyUninstall.ps1' to folder 'keepass-plugin-winhello\tools'.
 [DEBUG] - [NuGet] Added file 'LICENSE.txt' to folder 'keepass-plugin-winhello\tools'.
 [DEBUG] - [NuGet] Added file 'VERIFICATION.txt' to folder 'keepass-plugin-winhello\tools'.
 [DEBUG] - [NuGet] Added file 'keepass-plugin-winhello.nupkg' to folder 'keepass-plugin-winhello'.
 [DEBUG] - [NuGet] Added file 'keepass-plugin-winhello.nuspec' to folder 'keepass-plugin-winhello'.
 [INFO ] - [NuGet] Successfully installed 'keepass-plugin-winhello 3.1.1'.
 [INFO ] - 
keepass-plugin-winhello v3.1.1 [Approved]
 [INFO ] - keepass-plugin-winhello package files upgrade completed. Performing other installation steps.
 [DEBUG] - Setting installer args for keepass-plugin-winhello
 [DEBUG] - Setting package parameters for keepass-plugin-winhello
 [DEBUG] - Contents of 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1':
 [DEBUG] - # powershell v2 compatibility
$psVer = $PSVersionTable.PSVersion.Major
if ($psver -ge 3) {
    function Get-ChildItemDir { Get-ChildItem -Directory $args }
} else {
    function Get-ChildItemDir { Get-ChildItem $args }
}

$packageName = 'keepass-plugin-winhello'
$keePassDisplayName = 'KeePass Password Safe'


Write-Verbose "Searching registry for installed KeePass..."
$regPath = Get-ItemProperty -Path @('HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
                                    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*',
                                    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*') `
            -ErrorAction:SilentlyContinue `
        | Where-Object { $_.DisplayName -like "$keePassDisplayName*" } `
        | ForEach-Object { $_.InstallLocation }
    
$installPath = $regPath #todo process multiple installations
if (!$installPath) {
    Write-Verbose "Searching $env:ChocolateyBinRoot for portable install..."
    $binRoot = Get-BinRoot
    $portPath = Join-Path $binRoot "keepass"
    $installPath = Get-ChildItemDir $portPath* -ErrorAction SilentlyContinue
}
if (!$installPath) {
    Write-Verbose "Searching $env:Path for unregistered install..."
    $installFullName = (Get-Command keepass -ErrorAction SilentlyContinue).Path
    if (! $installFullName) {
        $installPath = [io.path]::GetDirectoryName($installFullName)
    }
}
if (!$installPath) {
    Write-Warning "$keePassDisplayName not found."
    throw
}
Write-Verbose "`t...found."

Write-Verbose "Searching for plugin directory..."
$pluginPath = (Get-ChildItemDir $installPath\Plugin*).FullName
if ($pluginPath.Count -eq 0) {
    $pluginPath = Join-Path $installPath "Plugins"
    [System.IO.Directory]::CreateDirectory($pluginPath)
}
Write-Verbose "`t...found."

$toolsDir = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
$source = "$toolsDir\..\plugin"
    
Write-Verbose "Copy plugin files into Plugins dir"
Copy-Item -Path "$source\*" -Destination $pluginPath -Recurse -Force

if ( Get-Process -Name "KeePass" -ErrorAction SilentlyContinue ) {
    Write-Warning "$keePassDisplayName is currently running. Plugin will be available at next restart of KeePass process." 
} else {
    Write-Host "$packageName will be loaded the next time KeePass is started."
    Write-Host "Please note this plugin may require additional configuration. Look for a new entry in KeePass' Tools>Options"
}

 [DEBUG] - Calling command ['"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -NoLogo -ExecutionPolicy Bypass -Command "[System.Threading.Thread]::CurrentThread.CurrentCulture = '';[System.Threading.Thread]::CurrentThread.CurrentUICulture = ''; & import-module -name 'C:\ProgramData\chocolatey\helpers\chocolateyInstaller.psm1'; & 'C:\ProgramData\chocolatey\helpers\chocolateyScriptRunner.ps1' -packageScript 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1' -installArguments '' -packageParameters ''"']
 [ERROR] -  Get-ItemProperty : Specified cast is not valid.
 [ERROR] -  At C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1:14 char:12
 [ERROR] -  + $regPath = Get-ItemProperty -Path @('HKLM:\Software\Wow6432Node\Micro ...
 [ERROR] -  +            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 [ERROR] -      + CategoryInfo          : NotSpecified: (:) [Get-ItemProperty], InvalidCastException
 [ERROR] -      + FullyQualifiedErrorId : System.InvalidCastException,Microsoft.PowerShell.Commands.GetItemPropertyCommand
 [INFO ] -  Get-BinRoot is going to be deprecated in v1 and removed in v2. It has been replaced with Get-ToolsLocation (starting with v0.9.10), however many packages no longer require a special separate directory since package folders no longer have versions on them. Some do though and should continue to use Get-ToolsLocation.
 [ERROR] -  Get-ChildItem : Cannot find path 'C:\ProgramData\chocolatey\-ErrorAction' because it does not exist.
 [ERROR] -  At C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1:4 char:33
 [ERROR] -  +     function Get-ChildItemDir { Get-ChildItem -Directory $args }
 [ERROR] -  +                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 [ERROR] -      + CategoryInfo          : ObjectNotFound: (C:\ProgramData\chocolatey\-ErrorAction:String) [Get-ChildItem], ItemNot 
 [ERROR] -     FoundException
 [ERROR] -      + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand
 [ERROR] -  Get-ChildItem : Cannot find path 'C:\ProgramData\chocolatey\SilentlyContinue' because it does not exist.
 [ERROR] -  At C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1:4 char:33
 [ERROR] -  +     function Get-ChildItemDir { Get-ChildItem -Directory $args }
 [ERROR] -  +                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 [ERROR] -      + CategoryInfo          : ObjectNotFound: (C:\ProgramData\...ilentlyContinue:String) [Get-ChildItem], ItemNotFound 
 [ERROR] -     Exception
 [ERROR] -      + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand
 [ERROR] -  Exception calling "GetDirectoryName" with "1" argument(s): "The path is not of a legal form."
 [ERROR] -  At C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1:32 char:9
 [ERROR] -  +         $installPath = [io.path]::GetDirectoryName($installFullName)
 [WARN ] -  WARNING: KeePass Password Safe not found.
 [ERROR] -  +         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 [ERROR] -      + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
 [ERROR] -      + FullyQualifiedErrorId : ArgumentException
 [ERROR] -  ScriptHalted
 [ERROR] -  In C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1:37 Zeichen:5
 [ERROR] -  +     throw
 [ERROR] -  +     ~~~~~
 [ERROR] -      + CategoryInfo          : OperationStopped: (:) [], RuntimeException
 [ERROR] -      + FullyQualifiedErrorId : ScriptHalted
 [DEBUG] - Command ['"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -NoLogo -ExecutionPolicy Bypass -Command "[System.Threading.Thread]::CurrentThread.CurrentCulture = '';[System.Threading.Thread]::CurrentThread.CurrentUICulture = ''; & import-module -name 'C:\ProgramData\chocolatey\helpers\chocolateyInstaller.psm1'; & 'C:\ProgramData\chocolatey\helpers\chocolateyScriptRunner.ps1' -packageScript 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1' -installArguments '' -packageParameters ''"'] exited with '1'
 [DEBUG] - Calling command ['"C:\Windows\System32\shutdown.exe" /a']
 [DEBUG] - Command ['"C:\Windows\System32\shutdown.exe" /a'] exited with '1116'
 [DEBUG] - Capturing package files in 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello'
 [DEBUG] -  Found 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\keepass-plugin-winhello.nupkg'
  with checksum '8EA973F4B0D7074ADBC2A3923DAFE511'
 [DEBUG] -  Found 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\keepass-plugin-winhello.nuspec'
  with checksum 'F739E35F3FAE00F25B114E792288E9D3'
 [DEBUG] -  Found 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\plugin\KeePassWinHelloPlugin.plgx'
  with checksum '1F4E6373211FD923CDAC01E875D798E3'
 [DEBUG] -  Found 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1'
  with checksum '7D97CCFFC36DB30F05D6D3B0E747F3D4'
 [DEBUG] -  Found 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyUninstall.ps1'
  with checksum 'EFEEE192516A7B4DBB04A3703359DA4C'
 [DEBUG] -  Found 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\LICENSE.txt'
  with checksum 'AE2956A8AFAB79383487D251573F3209'
 [DEBUG] -  Found 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\VERIFICATION.txt'
  with checksum '07BF7D9F120D9DBBAD2CF988221B4EEA'
 [DEBUG] - Attempting to delete file "C:\ProgramData\chocolatey\.chocolatey\keepass-plugin-winhello.3.1.1\.arguments".
 [DEBUG] - Attempting to delete file "C:\ProgramData\chocolatey\.chocolatey\keepass-plugin-winhello.3.1.1\.extra".
 [DEBUG] - Attempting to delete file "C:\ProgramData\chocolatey\.chocolatey\keepass-plugin-winhello.3.1.1\.version".
 [DEBUG] - Attempting to delete file "C:\ProgramData\chocolatey\.chocolatey\keepass-plugin-winhello.3.1.1\.sxs".
 [DEBUG] - Attempting to delete file "C:\ProgramData\chocolatey\.chocolatey\keepass-plugin-winhello.3.1.1\.pin".
 [DEBUG] - Attempting to delete directory "C:\ProgramData\chocolatey\lib-bad\keepass-plugin-winhello".
 [DEBUG] - Sending message 'HandlePackageResultCompletedMessage' out if there are subscribers...
 [ERROR] - The upgrade of keepass-plugin-winhello was NOT successful.
 [ERROR] - Error while running 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello\tools\ChocolateyInstall.ps1'.
 See log for details.
 [DEBUG] - Moving 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello'
 to 'C:\ProgramData\chocolatey\lib-bad\keepass-plugin-winhello'
 [DEBUG] - Attempting rollback
 [DEBUG] - Moving 'C:\ProgramData\chocolatey\lib-bkp\keepass-plugin-winhello'
 to 'C:\ProgramData\chocolatey\lib\keepass-plugin-winhello'
 [DEBUG] - Attempting to delete file "C:\Windows\system32\config\systemprofile\AppData\Local\NuGet\Cache\keepass-plugin-winhello.3.1.1.nupkg".

On my Surface 4 Iam having the Infrared sensor + a keyboard with fingerprint sensor in the keyboard.
The plugin always selects the Fingerprint sensor, that one is folded away an not my primary security item.

Please store my last choice. IR,Fingerprint or Pin

Is your feature request related to a problem? Please describe.
Hello, this is not an issue in itself. No. I'm always frustrated when to find & download and upgrade plgx and manually compare its integrity for security reasons.

Describe the solution you'd like
Just an suggestion.
Would be nice to have a auto update feature for this primary security applications plugin from trusted source. The sha256 hash of PLRGX can be verified by installation automatically optionally if specified. For the lazy ones :) and to fix incompatibility issue with future of keepass version updates with plugin by getting all in one place for example.

I don't know if you have the spare time to maintain in parallel the "packages". Which basically would contains a script to URL of github latest release asset.

Additional context

If you may want to take a look here if you don't know already:
keepass plugins packages
(There are many plugins and packages count is growing. )

Describe the bug
KeePassWinHello 3.0 error when storing keys in Windows Credential Manager.

Error states:

"Something went wrong. Please report the issue in our Github
repository with the following technical info.
KeePassWinHello.AuthProviderSystemErrorException: External error occurred
Error code: 80090029
at
KeePassWinHello.WinHelloProvider.SECURITY_STATUS.CheckStatus(Int32 ignoreStatus)
at
KeePassWinHello.WinHello.WinHelloProvider.CreatePersisstentKey(Boolean overwriteExisting)
at
KeePassWinHello.WinHello.WinHelloProvider.ClaimCurrentCacheType(AuthCacheType authCacheType)
at
KeePassWinHello.KeyManager.ClaimCurrentCacheType(AuthCacheType authCacheType)
at KeePassWinHello.OptionsPanel.SaveSettings(Settings settings)

To Reproduce
Steps to reproduce the behavior:

1. Go to 'Tools' menu
2. Click on 'Options...'
3. Click on 'WindowsHello' Tab
4. Click on 'Store keys in the Windows Credential Manager'
5. Click on 'OK'
6. See error

Expected behavior
Expected KeePassWinHello to create new key and successfully store in in the Windows Credential Manager
Screenshots
If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

• OS Version: Windows 10 1803 with latest 2019-08 patches
• KeePass Version: 2.42.1
• KeePass Plugins versions:
  • DatabaseBackup: 2.0.8.6
  • Favicon Downloader: 1.9
  • IOProtocolExt: 1.16
  • KeePassWinHello: 3.0
  • KeeResize: 1.12
  • KPScript: 2.42.1
• Hardware info: HP ZBook G5

Additional context
Windows Hello credentials set to accept a PIN or Fingerprint

Describe the bug
Error Message Pop Up at Program Start.
KeePass does not recognize WinHello.

To Reproduce
Steps to reproduce the behavior:

1. Download KeePass 3.1.1
2. Input Trigger

3. Install Plugin
4. Start KeePass

Expected behavior
After installing the Plugin I expected KeePass to recognize WinHello.
Instead every time I start KeePass I get the Error message.
KeePass starts normally after that, but does not recognize my WinHello.

Screenshots

Desktop (please complete the following information):

• OS Version - Win10 Enterprise
• KeePass Version 3.1.1
• Plugin Version KeePassWinHelloPlugin.plgx from Version 3.1.1
• Dell Latitude 7400 + DELL UltraSharp U4919DW + Dell MS819 (fingerprint sensor)

KeePass settings and environment

• Is secure desktop enabled - No
• Is KeePass running under Administrator (in elevated process) - Yes
• Installed plugins - Yes see above

Additional context
Add any other context about the problem here.

Firstly, thanks for this great plugin! With my new fingerprint reader, access to my KeePass database has never been quicker!

It took me longer than I would have liked to get this plugin working correctly because I had the following settings enabled in KeePass:

• Exit instead of locking the workspace after the specified time
• Always exit instead of locking the workspace

Exiting made more sense to me than just locking since I had to manually enter my master password each time anyway, and it was one less window open. I'm sure this is the default setting for many users, and I think it would be helpful to explicitly indicate which lock settings provide the proper user experience. In my case, deselecting the aforementioned settings and enabling all other auto-lock settings (on minimize, on tray, etc.) did the trick.

If needed I can send a pull request with proposed changes to the README which will aim to help lessen the learning curve for this plugin.

When using WSL on other computer over RDP, no Hello is available and it throw exception. Fallback password auth still work.

PS C:\Windows\System32> wsl
XXX:/mnt/c/Windows/System32$ sudo ls

Unhandled Exception: System.AggregateException: One or more errors occurred. ---> System.Exception: Invalid window handle.

This API must be called from a thread with a CoreWindow or a window must have been set explicitly.
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at WindowsHelloAuthenticator.Program.d__9.MoveNext() in C:\Users\abctk\Dropbox\develop\rust\wsl_hello_pam\win_components\WindowsHelloAuthenticator\WindowsHelloAuthenticator\Program.cs:line 60
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
at System.Threading.Tasks.Task1.GetResultCore(Boolean waitCompletionNotification) at System.Threading.Tasks.Task1.get_Result()
at WindowsHelloAuthenticator.Program.Main(String[] args) in C:\Users\abctk\Dropbox\develop\rust\wsl_hello_pam\win_components\WindowsHelloAuthenticator\WindowsHelloAuthenticator\Program.cs:line 94
[sudo] password for XXX:

Pls add a new option to KeePassWinHello plugin options: Maximum number of scan attempts.

Default should be 3, variations 1 to 5. If scan is not recognized during all attempts, KeePass should revert to Password Prompt, similarly to Windows login with WinHello Fingerprint routine.

Pls also add "3 days" to Key Invalidated options dropdown menu, and remove "10 min" for more proportional choice.

When the initial validity time range was defined to 'Unlimited' is there a way to revoke the key and requires for the original password again? I thought it might be enough to switch back the time range but it does not seem to have any effect.

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Currently when Windows Hello prompt appears and user clicks cancel, standard prompt will appear, and then when you close KeePass and try to open and unlock that database again Windows Hello prompt won't appear.
But sometimes user might misclick KeePass, in this case user wants to close Windows Hello prompt, but then user cannot use Windows Hello in secondary unlock attempt because this plugin doesn't allow user to do that.

Describe the solution you'd like
A clear and concise description of what you want to happen.
My suggestion would be adding an option for users to decide: users can choose to let this plugin disable Windows Hello when its being used once and failed, or for users like me would love to let plugin continue asking for Windows Hello regardless of the situation.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Or copy the Keepass2Android unlock mechanism, an option for users to decide whether Windows Hello unlock is only bound to Quick Unlock or to Master Password. When bound to Quick Unlock, users cannot use Windows Hello when KeePass is being locked (but not closed) and the first attempt failed. When bound to Master Password, in addition to how it works with Quick Unlock, user can also restore the functionality of Windows Hello unlock after restarting KeePass.
(I don't know why😂, I thought the first solution would be better)

Additional context
Add any other context or screenshots about the feature request here.

Looking forward to using my fingerprint to unlock keepass and more. Thank You. On one of my systems, KeePass basically crashes upon startup and close or exit. If i choose "Continue", it does not continue gracefully, i have to force quit. Would be nice if the KeePassWinHello plugin handled the absence of "Windows Hello" exception gracefully.

Win10 1803 (OS Build 17134.228)
KeePass 2.39.1

Windows Hello is not available
KeePassWinHello
   at KeePassWinHello.WinHello.Encrypt(Byte[] data)
   at KeePassWinHello.WinHelloProvider.Encrypt(ProtectedBinary composedKey)
   at KeePassWinHello.WinHelloProvider.CacheKeyForDB(String databasePath, CompositeKey keys)
   at KeePassWinHello.KeePassWinHelloExt.FileClosingPreHandler(Object sender, FileClosingEventArgs e)
   at KeePass.Forms.MainForm.CloseDocument(PwDocument dsToClose, Boolean bLocking, Boolean bExiting, Boolean bEcas, Boolean bUpdateUI)
   at KeePass.Forms.MainForm.CloseAllDocuments(Boolean bExiting)
   at KeePass.Forms.MainForm.OnFormClosing(Object sender, FormClosingEventArgs e)
   at System.Windows.Forms.Form.OnFormClosing(FormClosingEventArgs e)
   at System.Windows.Forms.Form.RaiseFormClosingOnAppExit()
   at System.Windows.Forms.Application.ExitInternal()
   at System.Windows.Forms.Application.ThreadContext.OnThreadException(Exception t)
   at System.Windows.Forms.Control.WndProcException(Exception e)
   at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
   at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
   at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
   at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
   at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
   at KeePass.Program.MainPriv(String[] args)
Byte[] Encrypt(Byte[])