search

Kunzisoft / KeePassDX

Lightweight vault and password manager for Android, KeePassDX allows editing encrypted data in a single file in KeePass format and fill in the forms in a secure way.
https://www.keepassdx.com/
GNU General Public License v3.0
4.58k stars 270 forks source link

Feature request: quick unlock #102

Closed Fred-Vatin closed 3 years ago

Fred-Vatin commented 6 years ago

I use the Keepass2Android app and this feature make it very pleasant to use. When DB is auto lock, then you only have to type the 3 last letter of your password to unlock. I have a long pass phrase so it is really helpful.

J-Jamet commented 3 years ago

Finally @shadow, with other technical constraints explained in #566, #437 and #807, I will directly implement the foreground service. It is the safest and most precise solution.

J-Jamet commented 3 years ago

New method :

The encrypted content generated by the biometric API (also used for the device credential) will be stored temporarily in the foreground service if the setting is enabled in KeePassDX. This will solve the majority of issues (stored data #807, deletion of data with restriction in new android version #437 #566) and not need to create a session system manually #https://github.com/Kunzisoft/KeePassDX/issues/102#issuecomment-633040371. It will work theoretically for all unlocking modes.

With this behavior, the Keystore only contains random keys (generated for the temporary biometric system) and no sensitive content, so no longer needs to manage it differently for each unlocking method and no need to invalidate keys anymore #566.

There will unfortunately be a notification still present, but we could use a specific channel to manually disable this notification in the OS settings.

This is a not at all an obvious feature, so sorry if I test yet another solution but I prefer to test all cases to get the best result.

J-Jamet commented 3 years ago

I implemented the new method in a branch and it works like a charm. I am very happy. There are still some bugs to fix but I'm pretty proud of the job done. :) ~https://github.com/Kunzisoft/KeePassDX/tree/feature/Temp_Advanced_Unlock~ <- Merged

shadow00 commented 3 years ago

That's fantastic! Can't wait to try it!

Regarding the permanent notification of the background service: KP2A has it too, and personally I don't mind it - in fact, I think it's a good way to show that the QuickUnlock service is available. I haven't noticed any significant increase in battery usage because of it.

Thank you for your hard work!

J-Jamet commented 3 years ago

I have completed the development of the device unlock for Android M+, will be available in the next version.

J-Jamet commented 3 years ago

Version 2.9.5 is released, this complicated feature can now be closed! (finally) :)