keshav-space / safenotes

Safe Notes is a security project aimed at providing an encrypted, private note manager that works locally and protects notes from various threat actors.
https://safenotes.dev
GNU General Public License v3.0

Feature Request: Irreversible Data Deletion on Exceeded Incorrect Password Attempts #213

Open InsideU opened 2 weeks ago

InsideU commented 2 weeks ago

Description: Implement a feature that permanently deletes all user data if an incorrect password is entered a specified number of times, making the data completely unrecoverable. This functionality would enhance security for users requiring strict data confidentiality.

Technical Specifications:

Trigger Mechanism: Set a threshold (e.g., 3 consecutive incorrect attempts) to trigger the deletion process. Track incorrect password attempts and reset the counter upon a successful login.

Data Deletion: Upon reaching the threshold, execute a full data purge. This should include:

- Securely deleting all note data from both persistent storage (e.g., database or local file system) and any cached locations.
- Overwriting sensitive data in memory before release, where applicable, to prevent retrieval.

Non-Recoverable Guarantee: Ensure that the deleted data is irrecoverable by avoiding any temporary backups, logs, or redundancy that might allow data restoration after deletion. If using a database, consider mechanisms like PRAGMA secure_delete (if SQLite) or similar secure deletion practices to enhance data removal from disk sectors.

Configuration Setting: Provide an option in the settings to enable/disable this feature, with a prominent warning about irreversible data deletion. Include additional warnings when the user enables this option to avoid accidental data loss.

User Feedback and Warnings: For each incorrect password attempt, display a warning to the user (e.g., “Incorrect password. All data will be permanently deleted after X more failed attempts”). On the final incorrect attempt, initiate the deletion process without additional confirmation to prevent further interaction risks.

Rationale: This feature is intended to protect highly sensitive data by making it irrecoverable in the event of unauthorized access attempts.
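The trigger, counter and purge described in this request, as an added Python example that is not part of safenotes or this issue: a hypothetical `VaultGuard` class keeps the failure counter in the same SQLite file as the notes (so an app restart cannot reset it), checks the password with a constant-time comparison, zeroes the derived key before releasing it, and on the threshold deletes every row with `secure_delete` on and then `VACUUM`s so freed pages are rewritten. The PBKDF2 parameters, table layout and the `demo()` scenario are constructed for this example.

```python
import hashlib, hmac, os, sqlite3
ROUNDS = 100_000  # PBKDF2 iteration count; constructed value for this example

class VaultGuard:
    """Hypothetical purge-after-N-failures guard; added example, not safenotes code."""
    def __init__(self, db_path, password, threshold=3):
        self.db, self.threshold = sqlite3.connect(db_path), threshold
        # Tell SQLite to zero freed pages instead of leaving old row content on disk
        self.db.execute("PRAGMA secure_delete = ON")
        self.db.executescript("CREATE TABLE IF NOT EXISTS notes(id INTEGER PRIMARY KEY, body BLOB);"
                              "CREATE TABLE IF NOT EXISTS auth(k TEXT PRIMARY KEY, v);")
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
        self.db.executemany("INSERT OR REPLACE INTO auth VALUES(?, ?)",
                            [("salt", salt), ("hash", digest), ("fails", 0)])
        self.db.commit()

    def _get(self, k):
        return self.db.execute("SELECT v FROM auth WHERE k = ?", (k,)).fetchone()[0]

    def note_count(self):
        return self.db.execute("SELECT COUNT(*) FROM notes").fetchone()[0]

    def unlock(self, attempt):
        """Return (ok, attempts_left); attempts_left == 0 means the purge has run."""
        key = bytearray(hashlib.pbkdf2_hmac("sha256", attempt.encode(), self._get("salt"), ROUNDS))
        ok = hmac.compare_digest(key, self._get("hash"))
        for i in range(len(key)):  # overwrite the derived key before it is released
            key[i] = 0
        fails = 0 if ok else self._get("fails") + 1
        # Commit the counter before returning so a restart between attempts cannot reset it
        self.db.execute("UPDATE auth SET v = ? WHERE k = 'fails'", (fails,))
        self.db.commit()
        if fails >= self.threshold:
            self.purge()
            return False, 0
        return ok, self.threshold - fails

    def purge(self):
        # Delete every row, then VACUUM so freed pages are rewritten rather than merely unlinked
        self.db.executescript("DELETE FROM notes; DELETE FROM auth;")
        self.db.execute("VACUUM")

def demo(db_path=":memory:"):
    """Constructed scenario: a success resets the counter, the third straight failure purges."""
    g = VaultGuard(db_path, "correct horse", threshold=3)
    g.db.execute("INSERT INTO notes(body) VALUES(?)", (b"constructed note",)); g.db.commit()
    out = [g.unlock("wrong"), g.unlock("wrong"), g.unlock("correct horse"), g.note_count()]
    out += [g.unlock("a"), g.unlock("b"), g.unlock("c"), g.note_count()]
    return out
```

On a real device the same guard would also need to clear any OS-level cache, journal or backup copies of the database file, which this in-process example cannot reach.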