Open PhilLab opened 4 years ago
I like this idea...
As an aside, @PhilLab - you can increase the length of the quick unlock key.
Settings -> App -> QuickUnlock -> Length of QuickUnlock key
If three chars is too short, try increasing it. One failed attempt w/quick unlock hard locks the database. So with a slightly longer key, the chances of a child or some other malicious actor unlocking the db with QuickUnlock can be very slim.
@PhilippC this might be mergeable / related with #399
I found an additional, more concise argument why this feature request rocks: QuickUnlock does not survive the phone reboot. Full biometric unlock does survive it.
Two possibilities for how this feature could be implemented: a) The user is asked for biometrics. With them, the database key is retrieved from the keystore. The user enters the last three characters, which are compared with the key. If they do not match, the biometrics (and characters) have to be given again to slow down brute-force.
b) User is asked for the biometrics and the last three characters. With the biometrics, a key is retrieved from the keystore which is the database key but encrypted with the last three characters the user has entered (this obviously weak key is stretched to slightly increase the encryption quality). The key is decrypted and the database unlocked. If they do not match, the biometrics (and characters) have to be given again to slow down brute-force.
I don't know about the threat model of the Keystore, so I am not sure if b) makes any sense at all, but at least it would slightly reduce the trust you have to put into the Keystore as a user.
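The following is an added, stand-alone illustration of option b) from the comment above; it is not Keepass2Android's code and nothing on the page says how the app implements QuickUnlock. It assumes a 32-byte database key, a three-character suffix, PBKDF2 with a constructed iteration count as the stretching step, and an HMAC keystream with encrypt-then-MAC as a standard-library stand-in for a real AEAD such as AES-GCM. The biometric prompt and the Keystore read are simulated by a method that simply returns the wrapped blob, and the "one failed attempt hard-locks the database" behaviour described earlier in the thread is modelled as a flag:

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Constructed parameters for this example; the app's real values are not on the page.
SUFFIX_LEN = 3            # "last three characters" of the master password
KDF_ITERATIONS = 100_000  # stretching the weak suffix, as option b) suggests
DB_KEY_LEN = 32           # a 256-bit composite database key
SALT_LEN = 16


def _derive(suffix: str, salt: bytes) -> Tuple[bytes, bytes]:
    """Stretch the short suffix into a 32-byte encryption key and a 32-byte MAC key."""
    km = hashlib.pbkdf2_hmac("sha256", suffix.encode(), salt, KDF_ITERATIONS, dklen=64)
    return km[:32], km[32:]


def wrap_db_key(db_key: bytes, suffix: str) -> bytes:
    """Encrypt the database key under the stretched suffix.

    Returns salt || ciphertext || tag. In option b) this blob is what sits
    behind the biometric-protected keystore entry. Encrypt-then-MAC with an
    HMAC keystream stands in for a real AEAD so the example is stdlib-only.
    """
    if len(suffix) != SUFFIX_LEN or len(db_key) != DB_KEY_LEN:
        raise ValueError("bad suffix or key length")
    salt = os.urandom(SALT_LEN)
    enc_key, mac_key = _derive(suffix, salt)
    keystream = hmac.new(enc_key, salt, hashlib.sha256).digest()  # 32 bytes, fresh per salt
    ciphertext = bytes(a ^ b for a, b in zip(db_key, keystream))
    tag = hmac.new(mac_key, salt + ciphertext, hashlib.sha256).digest()
    return salt + ciphertext + tag


def unwrap_db_key(blob: bytes, suffix: str) -> Optional[bytes]:
    """Return the database key, or None if the suffix is wrong or the blob was altered."""
    salt = blob[:SALT_LEN]
    ciphertext = blob[SALT_LEN:SALT_LEN + DB_KEY_LEN]
    tag = blob[SALT_LEN + DB_KEY_LEN:]
    enc_key, mac_key = _derive(suffix, salt)
    expected = hmac.new(mac_key, salt + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):   # verify before decrypting
        return None
    keystream = hmac.new(enc_key, salt, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(ciphertext, keystream))


class QuickUnlockB:
    """Option b): biometrics release the wrapped blob, the suffix decrypts it.

    One failed attempt hard-locks, mirroring the thread's description of
    QuickUnlock; the full master password would then be required.
    """

    def __init__(self, db_key: bytes, suffix: str):
        self._keystore_blob = wrap_db_key(db_key, suffix)  # stand-in for the Keystore entry
        self.hard_locked = False

    def _biometric_release(self) -> bytes:
        # Hypothetical stand-in for the biometric prompt plus Keystore read.
        return self._keystore_blob

    def unlock(self, suffix: str) -> Optional[bytes]:
        if self.hard_locked:
            return None
        key = unwrap_db_key(self._biometric_release(), suffix)
        if key is None:
            self.hard_locked = True
        return key


def bruteforce_seconds(alphabet_size: int, kdf_seconds: float) -> float:
    """Worst-case time to try every suffix offline if the wrapped blob alone leaked."""
    return (alphabet_size ** SUFFIX_LEN) * kdf_seconds
```

The point the numbers make: with 95 printable ASCII characters there are only 95^3 = 857,375 possible suffixes, so stretching mainly raises the cost of an offline attack on a leaked blob (a KDF costing 0.1 s per guess puts the full search near a day on one core). Against someone holding the unlocked phone, the hard lock after a single wrong attempt is what actually limits guessing.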
~~This seems to already be available in the latest version of the app. (Look for it in the Biometric unlock section of the database's settings, not in the Quick Unlock section of the app's settings)~~
I don't think this is true. @PhilLab was expecting to have both Biometric+Short code, currently you can only enable one of those
The unlocking via fingerprint is a very convenient feature. However, a fingerprint can easily be taken without consent (there were reports of toddlers unlocking their parents' iPhone by placing their thumbs on the phone while sleeping, not to mention more violent situations).
QuickUnlock by the last three characters also is very convenient but I am reluctant to use it because I am unsure if reducing my password effectively down to three characters is too risky for me.
What about combining both? I.e. you need the fingerprint AND the QuickUnlock characters (or an additional PIN, #170, but I think this would take longer to implement).