Auto Logout #7699
kaizokan
started this conversation in
Enhancements
Auto Logout
#7699
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
If a bad actor was able to watch a passcode being entered on iOS or Android before they stole the device they have access to Ente Auth even if it’s secured with device lock. The same goes for biometrics when an attacker forces someone to use biometrics with or without the user being aware of it (yes biometrics are not always safe or secure).
It would be great if there was an option to automatically log out Ente Auth after a set period (customizable) to mitigate the risk of these kind of attacks. Authenticator apps are usually not used so frequently either to stay logged in.
Passwords or recovery keys should always be taken care of and a users should not have to rely on logged in devices that can be lost. It should however be an option so those who want to stay logged in can do so if they don't have easy way to remember or retrieve their password.
edit: mentioning #1042 which is related to this enhancement
Beta Was this translation helpful? Give feedback.
All reactions