stud0709 / OneMoreSecret

Password management based on Android KeyStore, QR and Bluetooth
MIT License
92 stars 2 forks

(faq) hardware key? #24

Closed ghost closed 5 months ago

stud0709 commented 5 months ago

Maybe I don't get your point...

  1. there is a mathematical relationship between a private and a public key
  2. you encrypt with the public key and decrypt with the private key

That's not how it works with a username and a password.

stud0709 commented 5 months ago

Sorry, I still don't get your use case.

stud0709 commented 5 months ago

Well, when you install OneMoreSecret, you create a private key - that's how the tutorial goes. And it is stored on the device.

The fingerprint is not part of the cryptography, it is how your Android device protects the key storage - it could also ask you for a password, which I don't like, because I wanted to get rid of those master passwords in the first place. Or require a scan of your iris or your veins or whatever method you prefer, if your device has the appropriate sensor. The key you have created is then used to protect whatever you want by means of asymmetric cryptography.

That's the main idea of the app, along with the fact that I was trying to decouple the key storage from your working environment in some way (that's where the PC client omsCompanion comes from). Because if you stay with KeePass as an example, everything is in one place, and you have to provide the master key to access the entire database - every time it is locked and you need some specific user credentials (typically, you need them one at a time BTW, why unlock the entire DB?).