Open davidrudlstorfer opened 1 month ago
+1 for this.
I would add it's better for security to use a "dedicated code" instead of the default iPhone unlock code.
Because you probably have your password manager already unlocking with Face ID (or with the iPhone unlock code). So, using a different PIN code for 2FA is better - a thief would have to know the 2 codes.
+2 to an in-app lock code.
See it's a PR @AmanRajSinghMourya. Thanks :)
Description
Dear Ente team,
After the recent accidents at Raivo I've switched to the Ente Authenticator on iOS and I am more than happy with all options and especially with the beautiful UI/UX. During the switch I've found the following problem with the iOS app.
I am currently using the app without an account and rely only on the mobile storage option. For additional security I've enabled the lockscreen option within Ente Auth which automatically utilizes FaceID on newer iPhone models.
If a user now covers the FaceID sensor, it breaks, or some other anomaly happens, one cannot gain access to their TOTP codes due to an endless FaceID loop. The same behaviour is observable on older iPhone models with TouchID sensors. There needs to be an option to either use the iPhone lock code to unlock the app or to just use a dedicated code within the app.
Thanks for your work!
EDIT: see https://developer.apple.com/documentation/localauthentication/logging-a-user-into-your-app-with-face-id-or-touch-id#Provide-a-Fallback-Alternative-to-Biometrics
EDIT2: and probably the solution https://stackoverflow.com/questions/55745446/faceid-should-fallback-to-passcode-but-does-not
Version
v3.0.4
What product are you using?
Ente Auth
What platform are you using?
Mobile - iOS
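The fallback requested in this issue, sketched against Apple's LocalAuthentication API that the first EDIT links to. This is an added example in native Swift, not Ente Auth's code; `UnlockOutcome`, `classify` and `unlockVault` are hypothetical names, and the mapping of errors to UI actions is an assumption about how a lock screen would want to react.

```swift
import Foundation
import LocalAuthentication

/// What the lock screen should do next (hypothetical type for this example).
enum UnlockOutcome {
    case unlocked
    case showManualRetry        // cancelled: wait for a tap, never re-prompt automatically
    case requireAppCode         // no usable system credential: ask for an app-specific code
    case failed(LAError.Code)   // anything else: surface it instead of looping
}

/// Map a LocalAuthentication error to a UI decision.
func classify(_ error: Error?) -> UnlockOutcome {
    guard let laError = error as? LAError else { return .showManualRetry }
    switch laError.code {
    case .userCancel, .systemCancel, .appCancel:
        // Re-presenting the prompt straight away here is what produces an endless loop.
        return .showManualRetry
    case .passcodeNotSet:
        // The device has no passcode, so there is nothing for iOS to fall back to.
        return .requireAppCode
    case .userFallback:
        // Only seen with the biometrics-only policy, when the user taps the fallback button.
        return .requireAppCode
    default:
        return .failed(laError.code)
    }
}

func unlockVault(reason: String, completion: @escaping (UnlockOutcome) -> Void) {
    let context = LAContext()
    // .deviceOwnerAuthenticationWithBiometrics stops at Face ID / Touch ID.
    // .deviceOwnerAuthentication lets iOS offer the device passcode once biometrics
    // fail, are locked out, are not enrolled, or the sensor is unavailable.
    let policy: LAPolicy = .deviceOwnerAuthentication

    var probeError: NSError?
    guard context.canEvaluatePolicy(policy, error: &probeError) else {
        completion(classify(probeError))
        return
    }
    context.evaluatePolicy(policy, localizedReason: reason) { success, error in
        // The reply block runs on a private queue; hop to main before touching UI.
        DispatchQueue.main.async {
            completion(success ? .unlocked : classify(error))
        }
    }
}
```

The `requireAppCode` branch is where the dedicated in-app code suggested in the comments would be checked; it keeps the 2FA secrets behind a credential that differs from the device passcode.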