Comments (6)
I agree this is a security risk based on the current design. So either the app-level authentication mechanism would have to be added back, a separate layer of security would have to be wrapped around the global settings, or this setting would have to be migrated from a global setting to a database-specific setting which would allow different auto-lock times for each database. The app-level locking was already implemented and removed because of issues so that option may be off the table. I don't think any of the other global settings are an inherent security risk except maybe clipboard clearing but that's a stretch.
from strongbox.
Yeah, it seems like the best way to mitigate this kind of scenario is an App lock. Just need to get a better design than the last implementation, as the various storage providers tend not to play well with any top level view/navigation interference (they assume they own the view hierarchy).
from strongbox.
I am a few months late but I second this request.
All security, privacy apps MUST have this feature (protonmail, minikeepass, authy to name a few)
Most apps allow you to secure the app with a touchID/FaceID but what good is it if it is the same authentication method as what you use to unlock your phone? There are so many cases where a second layer password is needed for the whole app.
Cheers!
from strongbox.
Settings/Preferences can now be protected with 1.28.0. Leaving open for comments for a short while.
from strongbox.
Thanks for the adding this feature. I like the addition of this extra layer of security. It works well so far for me with no issues.
from strongbox.
This looks good now... closing...
from strongbox.
Related Issues (20)
- Feature Request: Advanced/Configurable Password Entropy Calculator HOT 6
- [BUG] Safari Autofill freezing HOT 1
- Project cannot be built, half the repo is missing. Open source, but not really? HOT 2
- [BUG] iOS 18 Convience unlock doesn't work with database keyhole HOT 11
- [BUG] Duplicate suggestions for one credential entry in the database HOT 5
- [BUG] Pro features stay activated after trial ends HOT 5
- Question: macOS Sequoia - usage of Strongbox App still possible with native autofill?
- [BUG] Trying to open a database stored on google drive without internet forces relogin on next try. HOT 3
- [BUG] Strongbox Autofill unlock with system-profile password instead of Strongbox password when Touch ID enabled HOT 3
- [BUG] OneDrive: Could not locate the database file. Has it been renamed or moved? HOT 11
- [BUG] - Restore Password Generator from Tray Icon functionality HOT 5
- Feature request: Exclude entry from 2fa availability check HOT 3
- Feature request: An entry that behaves as a shortcut to open a database HOT 1
- [StrongBox Zero] Only non-recommended storage location available HOT 3
- Shortcuts (or App Intents) HOT 2
- [BUG] Quick Search box doesn't respect cursor movement keys HOT 4
- [BUG] TOTP Progress Bar stays at minimum HOT 3
- [BUG] HOT 6
- [BUG] Strongbox is missing in the 2FA/TOTP option of macOS
- [BUG] Recurrent Face Id HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from strongbox.