This pull requests implements the following feature:
If password caching is on and a password would be saved (e.g., after unlocking a volume for the first time), the user is asked first if he wants to set an optional PIN for that volume.
Whenever the user unlocks a volume for which a password is cached and a PIN is set, he needs to enter that PIN.
If a wrong PIN is entered, the volume is not unlocked. If a wrong PIN is entered three times, the password is deleted from the database and needs to be entered again.
There are no additional UI elements and the PIN can only be changed by entering a wrong pin three times or by deleting the volume and adding it again.
With this, users can use secure (and thus hard to remember and type) passwords for their EncFS containers without breaking usability. Still, if someone snatches their device, they cannot simply look at all volumes. At the same time, some volumes that are accessed very often, like volumes with notes, can still be accessed quickly.
This is the same idea I outlined in the discussion for #13. However, I now believe that PINs per volume are a somewhat different feature than a PIN for the whole app and that both features could also coexist.
Last note: PINs and passwords are saved unencrypted in the database, so this is not a security measure against sophisticated adversaries.
This pull requests implements the following feature:
With this, users can use secure (and thus hard to remember and type) passwords for their EncFS containers without breaking usability. Still, if someone snatches their device, they cannot simply look at all volumes. At the same time, some volumes that are accessed very often, like volumes with notes, can still be accessed quickly.
This is the same idea I outlined in the discussion for #13. However, I now believe that PINs per volume are a somewhat different feature than a PIN for the whole app and that both features could also coexist.
Last note: PINs and passwords are saved unencrypted in the database, so this is not a security measure against sophisticated adversaries.