Open realrufans opened 5 years ago
Hi @realrufans. Thanks for the suggestion. Note that you suggestion to introduce this option and protect by the master password would require to store a hash of the master password in the app, which is currently not needed. However, we will leave this issue open, to gather opinions about this topic.
Components
My suggestion will improve users experience with the app. The suggestion requires an additional option in the app settings.
Proposal Description
I understand how this project takes security issues seriously, and at the same time, the app seems to be privacy friendly. I noticed that the application has
FLAG_SECURE
feature enabled. For those who don't know what FLAG_SECURE is, it's a feature that disables the app screen from being be captured or recorded.My experience with the app was awesome, but, I think there's an option missing. This option is the ability for users to enable, or disable the
FLAG_SECURE
feature.The
FLAG_SECURE
can be narrowed down to users level, by adding an option in the app settings to disable/enable screen recording.I sincerely understand that the project is aiming at setting its security level at topnotch while being friendly. But, I at the same time, I believe if this option is implemented, the app will be even more friendly, and will still main its privacy level.
The button can be titled as Screen security. Once this button is switched on, users won't be able to take recordings or screenshots, while when it's turned off, will be the opposite case.
Does This Feature Gives Aceess To Unauthorised Users To Take Screenshots/Recordings?
Implementing this request will definitely let any user enable or disable screenshot feature. I know it's an issue, but, it can be solved by enabling Master password while trying to disable
FLAG_SECURE
option. This simply means if a user doesn't have the Master password, then the user can't enable screen recording. The app has the master key enabled already. So, requesting for the master key while turning offFLAG_SECURE
option should be an ease intent.Mockups / Examples
Before the user could turn the screen security off, he/she must have entered the app master key.
Benefits
If this feature is implemented, the account owner will be free to take screenshots for personal reasons. As I have sated at the beginning of this suggestion that, I had a nice time with the app. But, I needed to take a screenshot of the app, but I was denied access. Also, I might decide to take screenshots of my passwords so as to save them on another storage( picture form), as we all know an app can be uninstalled anytime, and I don't want to lose my passphrases to my accounts.