search

ecency / esteem

eSteem Mobile - Application for Android and iOS users, start earning cryptocurrency!
https://esteem.app
MIT License
85 stars 58 forks source link

[inquiry] iOS users - login credentials are flushed (after not using the app) #212

Open 4Ykw opened 6 years ago

4Ykw commented 6 years ago

Hi there,

I have a problem after updating to the latest version of iOS for iPhone 6, 11.2.2 (I experience the issue both for the current version of eSteem and previous one).

I am pretty sure it might be something I activated, but I can't remember what. So I am hoping anyone either had already faced this issue or there is a way to "fix" this in the code. This is why I am bringing the issue.

Reproducing steps:

Anyone knows what's causing the credentials to go away?

feruzm commented 6 years ago

It is likely that iPhone run out of storage and cleaning app data and causing credentials to be flushed, all your credentials are saved on your device and iOS clears them if you have less storage. Solution would be to use different storage to keep some data, which is in our todo list!

If you don't think it is storage issue, please let us know to further investigate the cause, thanks!

4Ykw commented 6 years ago

Just wanted to confirm if other have the same or not. I am now pretty confident that it is because I use iCloud to offload everything from the iPhone. This might be offloading or flushing the credentials.

I will try to play with one more option and see if that one might be the cause.

Thanks

4Ykw commented 6 years ago

I thought it would be the option that says "take unused apps offline" but I have it NOT enabled.

I have experienced some other apps on my iPhone that are likely doing the same... for example, LinkedIn did the same for me after not using it for a couple of days.

@feruzm, is there an option to say "where" to store data when you save data to iPhone from an App? or their SDK manages that? I was thinking that you could just enable fingerprint authentication and that would map A private key, to a combination of finger+face+pin where you have to insert all of them if you do not use the app for more than... let's say (configurable) 24 hours, and only the fingerprint if you use the app within 6 hours (configurable).

If you do not authenticate for more than 10 days, then you need to reconfigure your authentication again (something that goes along with the phone life battery, to avoid people getting your keys after charging your phone).

Just a thought while I can't figure this out.