Comments (6)
I agree this is a security risk based on the current design. So either the app-level authentication mechanism would have to be added back, a separate layer of security would have to be wrapped around the global settings, or this setting would have to be migrated from a global setting to a database-specific setting which would allow different auto-lock times for each database. The app-level locking was already implemented and removed because of issues so that option may be off the table. I don't think any of the other global settings are an inherent security risk except maybe clipboard clearing but that's a stretch.
from strongbox.
Yeah, it seems like the best way to mitigate this kind of scenario is an App lock. Just need to get a better design than the last implementation, as the various storage providers tend not to play well with any top level view/navigation interference (they assume they own the view hierarchy).
from strongbox.
I am a few months late but I second this request.
All security, privacy apps MUST have this feature (protonmail, minikeepass, authy to name a few)
Most apps allow you to secure the app with a touchID/FaceID but what good is it if it is the same authentication method as what you use to unlock your phone? There are so many cases where a second layer password is needed for the whole app.
Cheers!
from strongbox.
Settings/Preferences can now be protected with 1.28.0. Leaving open for comments for a short while.
from strongbox.
Thanks for the adding this feature. I like the addition of this extra layer of security. It works well so far for me with no issues.
from strongbox.
This looks good now... closing...
from strongbox.
Related Issues (20)
- [FEATURE] Command Line Interface
- Add "Allow Clipboard Handoff" into Haptic Touch Menu HOT 1
- [FEATURE] Support for visionOS HOT 2
- invalid HOT 1
- FEATURE REQUEST: ssh agent should support "destination restrictions" HOT 3
- [BUG] yubikey 5C NFC does not work. HOT 2
- A small typo in a support article HOT 1
- [BUG] Favicon download selection is suboptimal HOT 1
- [FEATURE] Make optional the quick start menu HOT 14
- [BUG] QuickType and Autofill ignoring the port from visited URL HOT 1
- [FEATURE] Duress PIN for the paranoid HOT 2
- [BUG] [iOS] Safari freezes while AutoFill HOT 3
- [NO ACTUAL BUG] Virtual Hardware Security Key (auto-fill only) recently stopped working HOT 10
- Feature Request: Automatically prompt for Hardware Key (yubikey) and disable password input if we opt for it HOT 4
- Feature Request: Advanced/Configurable Password Entropy Calculator HOT 6
- [BUG] Safari Autofill freezing HOT 1
- Project cannot be built, half the repo is missing. Open source, but not really? HOT 2
- [BUG] iOS 18 Convience unlock doesn't work with database keyhole HOT 11
- [BUG] Duplicate suggestions for one credential entry in the database HOT 5
- [BUG] Pro features stay activated after trial ends HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from strongbox.