AquaWallet / aqua-wallet

https://aquawallet.io
MIT License
63 stars, 8 forks

Suggest adding Security options upon app startup #1

Open noeljbass opened 5 months ago

noeljbass commented 5 months ago

Current build provides unfettered access to wallet. Adding a Pin/Password requirement before dashboard load would be a significant improvement.

Sami32 commented 5 months ago

Yeah... to make inefficient something like the US or Israeli border police forcing your finger onto your phone and wallet ;-)

Terrorists... from the ones that ignore human rights themselves... LOL

For now I think such a feature in a Lightning wallet can only be found in Green wallet (from the same ex-Blockstream CSO, now CEO of JAN3).

noeljbass commented 5 months ago

> Yeah... to make inefficient something like the US or Israeli border police forcing your finger onto your phone and wallet ;-)
>
> Terrorists... from the ones that ignore human rights themselves... LOL
>
> For now I think such a feature in a Lightning wallet can only be found in Green wallet.

Several wallets have security features, some better than others. Mutiny, for example, has a full-on encrypted password requirement before you can get into your wallet. Blue Wallet has password/biometrics but also has a BACKUP option in case someone tries to get into your wallet by brute-forcing: you can set up another instance with a separate password that opens a different wallet set, in which you can keep a throwaway amount. All I'm asking for is the ability to minimally protect my funds. A basic 4-8 digit PIN would suffice, and if it's too complicated for grandma, then she doesn't need to set one.

openoms commented 5 months ago

+1 please add PIN (+ biometrics) protection especially when showing the seed.

An incomplete list of PIN-protected Lightning-capable bitcoin wallets: Zeus, Phoenix, Breez, Blink, Blixt, etc.; basically all of them have the option, which I have recently tried. The exception is to have no protection at all after the phone lock screen.

Sami32 commented 5 months ago

Since a PIN code is just not going to pass a "grandma" test in general that produces a real security enhancement, and since, according to psychological and statistical studies, most people use the same insecure code almost everywhere, I suggest adding Passkeys support:

https://fidoalliance.org/passkeys/

https://developers.google.com/identity/passkeys

https://www.androidcentral.com/accessories/google-launches-new-titan-security-key-passkey-support

Adopting the latest security standard, already adopted by the biggest OSes, will bring convenience and security for everyone from "grandma" to activists or reporters.

openoms commented 5 months ago

Make the PIN / biometrics optional so whoever wants the simplest UX doesn't need to use it. Maybe it doesn't need to be suggested on startup.

Forcing users to buy more hardware to achieve extra security is unnecessary, but it could be a next optional step.

aquawallet-admin commented 4 months ago

Thank you for your suggestions. We are working on this feature right now, it is coming soon.

gsipe commented 4 months ago

Hi - Adding a pin is a great start; however having a seed phrase visible on a phone wallet doesn't work for me. After I (as a user) copy the seed, I would only be comfortable if it was no longer accessible on the device. If the phone is lost, cloned or physically stolen the seed phrase goes along with it, unless it can be blocked. With that said, the first glance looks like you have a great app. Thank you!

tohrxyz commented 3 months ago

@aquawallet-admin @noeljbass I would add to this that viewing the seed should be behind some PIN/password, the same way MetaMask, Phoenix and others have it.

You shouldn't be able to display the seed from a wallet, unless you authorize yourself by some code.
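The mechanisms requested in this thread (a PIN gate before the wallet opens, a decoy wallet under a separate PIN as in the Blue Wallet description above, the seed held only in wrapped form so a stolen or cloned phone does not carry it in the clear, and a fresh PIN check before the seed is ever displayed) fit together in a small model. The following is an added example written for this page; it is not AquaWallet code and does not reflect how the project implemented the feature. It assumes stdlib-only Python: scrypt parameters (n=2^14, r=8, p=1), a three-strikes-then-exponential lockout, and an XOR keystream with HMAC standing in for the AEAD (e.g. AES-GCM) a real wallet would use; the seed phrases are constructed sample strings.

```python
"""PIN-gated wallet vault with decoy wallet and wrapped seed (added example, not AquaWallet code)."""
import hashlib
import hmac
import os
import time
from dataclasses import dataclass, field
from typing import Callable, List, Optional, Tuple

# Assumed scrypt cost: a 4-8 digit PIN has almost no entropy, so KDF cost is what slows offline guessing.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1
MAX_FREE_ATTEMPTS = 3   # assumption: after this many consecutive failures, lockouts begin
BASE_LOCKOUT = 30.0     # seconds; doubles with every further failure


def _derive(pin: str, salt: bytes, length: int) -> bytes:
    """Stretch the PIN into `length` bytes of key material bound to a per-wrap random salt."""
    return hashlib.scrypt(pin.encode(), salt=salt, n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=length)


@dataclass
class WrappedSeed:
    salt: bytes
    ciphertext: bytes
    tag: bytes


def wrap_seed(pin: str, seed: str) -> WrappedSeed:
    """Encrypt-then-MAC the seed under PIN-derived keys; only salt, ciphertext and tag are ever stored.
    The one-time keystream XOR (fresh salt per wrap) stands in for an AEAD such as AES-GCM."""
    plaintext = seed.encode()
    salt = os.urandom(16)
    material = _derive(pin, salt, 32 + len(plaintext))
    mac_key, keystream = material[:32], material[32:]
    ciphertext = bytes(a ^ b for a, b in zip(plaintext, keystream))
    tag = hmac.new(mac_key, salt + ciphertext, hashlib.sha256).digest()
    return WrappedSeed(salt, ciphertext, tag)


def unwrap_seed(pin: str, w: WrappedSeed) -> Optional[str]:
    """Return the seed if the PIN is correct, else None. The tag is checked in constant time first,
    so a wrong PIN yields no plaintext at all rather than garbage."""
    material = _derive(pin, w.salt, 32 + len(w.ciphertext))
    mac_key, keystream = material[:32], material[32:]
    expected = hmac.new(mac_key, w.salt + w.ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, w.tag):
        return None
    return bytes(a ^ b for a, b in zip(w.ciphertext, keystream)).decode()


@dataclass
class Vault:
    """One wrapped seed per PIN. The real wallet and an optional decoy look identical at rest;
    which one opens is decided purely by the PIN typed, so a coerced user can give up the decoy PIN."""
    entries: List[Tuple[str, WrappedSeed]] = field(default_factory=list)
    failures: int = 0
    locked_until: float = 0.0
    clock: Callable[[], float] = time.monotonic   # injectable for testing

    def enroll(self, label: str, pin: str, seed: str) -> None:
        if any(unwrap_seed(pin, w) is not None for _, w in self.entries):
            raise ValueError("PIN already in use; real and decoy wallets must have different PINs")
        self.entries.append((label, wrap_seed(pin, seed)))

    def _open(self, pin: str) -> Optional[Tuple[str, str]]:
        """Try the PIN against every entry, enforcing the lockout. Returns (label, seed) or None."""
        now = self.clock()
        if now < self.locked_until:
            return None                      # refuse during lockout without even running the KDF
        for label, w in self.entries:
            seed = unwrap_seed(pin, w)
            if seed is not None:
                self.failures = 0
                return label, seed
        self.failures += 1
        if self.failures >= MAX_FREE_ATTEMPTS:
            self.locked_until = now + BASE_LOCKOUT * 2 ** (self.failures - MAX_FREE_ATTEMPTS)
        return None

    def unlock(self, pin: str) -> Optional[str]:
        """Dashboard gate: returns which wallet ('real' or 'decoy') the PIN opens, never the seed."""
        opened = self._open(pin)
        return opened[0] if opened else None

    def reveal_seed(self, pin: str) -> Optional[str]:
        """Showing the seed always re-requires the PIN; no unlocked session state is enough."""
        opened = self._open(pin)
        return opened[1] if opened else None
```

Note that `unlock` and `reveal_seed` are deliberately separate entry points: the dashboard only ever learns a label, while the plaintext seed exists only inside the single call that displays it and is never cached on the object.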

aquawallet-admin commented 3 months ago

> @aquawallet-admin @noeljbass I would add to this that viewing the seed should be behind some PIN/password, the same way MetaMask, Phoenix and others have it.
>
> You shouldn't be able to display the seed from a wallet, unless you authorize yourself by some code.

We are working on educating the user on the importance of keeping their seed phrase private and secure before displaying it. We will consider requiring an additional unlock as well. I will bring this suggestion up with the development team in our next meeting. Thank you for your input!