Unlock using Windows Domain account

[mdell-seradex]

Have you searched for an existing feature request?

• Yes, I tried searching

Brief Summary

I see that KeePassXC supports Windows Hello, but that is unfortunately disabled on my system because it is in a Windows Domain which is controlled by our IT. I also have no fingerprint reader on my desktop.
I was wondering if it was possible to enable unlocking the database via a credential prompt for my domain credentials.
I was reading through the different issues related to quick unlock, and it appears that prompting for a PIN is an option, although it is disabled on my system. It would seem to me that prompting for my credentials would be similar.

Thank you.

Example

This would work similar to the existing quick unlock, but would simply request that I enter my password.

Context

My current database password is complex and I have to keep looking it up. If it was stored in the Windows Credential system, it would be much easier for me and should be as secure as quick unlock is now.

[droidmonkey]

We will not support this feature. We will have pin unlock internal to KeePassXC for 2.8.0 release, but that won't support saving (persisting) the quick unlock across sessions.

[mdell-seradex]

Is there a reason why?

[droidmonkey]

It's not a feature we are willing to maintain, we also do not favor authentication integrations as KeePassXC is meant to be used independent of the OS.

[mdell-seradex]

Isn't that what the Windows Hello integration is, used in the Quick Unlock feature?
I thought that this would essentially be an extension of that, but perhaps I don't have enough info to make that judgement.
Note that I do develop applications for the Windows platform, but haven't really ventured into that area.

[droidmonkey]

If it is windows hello (for business) then it'll work just like the current windows hello integration. Your request implied some form of domain integration which we are not doing.

[mdell-seradex]

I did not mean to imply integration with a Windows Domain itself. Only that I log in to my PC using a Windows Domain account, but, from what I an aware, it still stores information on my PC similar to what it would do for a local account.
Windows hello in any form has not been enabled on my Desktop PC. I do not have a camera nor a fingerprint reader, and I am accessing that system via a remote desktop connection from home about 50% of the time.
I was simply hoping for a way to get Windows (my Desktop Windows 11 Pro PC) to display a credential prompt instead of the PIN, face, or fingerprint prompt, similar to the one my web browser does when attempting to view password info. Wouldn't it be up to Windows itself to handle the type of account?

[droidmonkey]

I'll reopen this, but there are no PasswordVault storage options that I can see that require re-auth of your windows account before using. Unless this is a domain configuration setting that is independent of the apps usage of the API?