Description
I'd like to be able to configure Aegis to automatically expire biometric authentication credentials after a configurable amount of time has passed, and on reboot. In other words, I want Aegis to occasionally require password authentication.
The motivation here is that while biometric auth is convenient, it is also demonstrably not that hard to bypass, meaning (strong) password authentication is notably more secure. Expiring biometric credentials on a schedule and on reboot helps provide more of a balance between convenience and security, by letting you mostly use biometric auth, while putting a hard upper time limit on how long a potential attacker has to attempt to bypass the biometric auth.
As an example, KeePassDX allows this kind of setup.