Option to use the app without secure-storage / biometrics #490
Replies: 4 comments 1 reply
-
Any updates?
-
Also interested in this. While I have biometrics on my phone, it falls back to allowing my phone PIN, so if someone observes me entering my PIN they can steal my phone and then access all my TOTP codes. Having a strong password which needs to be entered each time would prevent this.
-
I am also interested in this feature. I opt not to use biometrics on my phone because I do not trust Samsung with that information. I would much prefer a PIN or password feature to access my 2FA codes on the app.
-
This feature is the only thing holding me back from switching to Ente Auth from Authy. I will not use an authenticator that relies on the same passcode as my phone for the reason listed above.
-
In offline mode, we generate a random key and encrypt the 2FA secrets with this key before persisting them to disk.

This key is then stored on the device's secure-storage, which requires biometrics – that might be unavailable on some devices.

What we could do is provide an option to not use secure-storage, and instead encrypt the key with a passphrase, and prompt for this passphrase each time on app-start. Doing this will make the app accessible on devices that do not support biometric authentication.
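The passphrase option proposed in the post above, as an added example in Python (not Ente's code): the random key is wrapped under a passphrase-derived key and unwrapped on app start. The function names, blob layout and scrypt parameters are assumptions, and because the standard library has no AEAD cipher, a one-time scrypt-derived pad plus HMAC-SHA256 stands in for the vetted AEAD an app would normally use.

```python
import hashlib
import hmac
import secrets

# Assumed scrypt cost parameters (not from the discussion); tune per device.
SCRYPT = dict(n=2**14, r=8, p=1, dklen=64)
SALT_LEN, KEY_LEN, TAG_LEN = 16, 32, 32


class WrongPassphrase(Exception):
    """MAC check failed: wrong passphrase or a modified blob."""


def _derive(passphrase, salt):
    # One scrypt call yields a 32-byte pad and a separate 32-byte MAC key.
    okm = hashlib.scrypt(passphrase.encode("utf-8"), salt=salt, **SCRYPT)
    return okm[:KEY_LEN], okm[KEY_LEN:]


def wrap_key(data_key, passphrase):
    """Return salt || ciphertext || tag, persisted in place of secure-storage."""
    if len(data_key) != KEY_LEN:
        raise ValueError("data key must be 32 bytes")
    salt = secrets.token_bytes(SALT_LEN)  # fresh salt, so the pad is never reused
    pad, mac_key = _derive(passphrase, salt)
    ct = bytes(a ^ b for a, b in zip(data_key, pad))
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return salt + ct + tag


def unwrap_key(blob, passphrase):
    """Run on app start: recover the data key or raise WrongPassphrase."""
    if len(blob) != SALT_LEN + KEY_LEN + TAG_LEN:
        raise ValueError("malformed blob")
    salt, ct, tag = blob[:SALT_LEN], blob[SALT_LEN:-TAG_LEN], blob[-TAG_LEN:]
    pad, mac_key = _derive(passphrase, salt)
    expected = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise WrongPassphrase("passphrase rejected")
    return bytes(a ^ b for a, b in zip(ct, pad))


def change_passphrase(blob, old, new):
    # Only the wrapped key is re-encrypted; the 2FA secrets on disk stay as they are.
    return wrap_key(unwrap_key(blob, old), new)


if __name__ == "__main__":
    key = secrets.token_bytes(KEY_LEN)  # constructed sample data key
    blob = wrap_key(key, "constructed sample passphrase")
    print(unwrap_key(blob, "constructed sample passphrase") == key)
```

With this layout the protection of the stored codes rests on the passphrase strength and the scrypt cost, since the wrapped blob sits on ordinary disk rather than in hardware-backed storage.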