Jump to content

PatrickR

Members
  • Content count

    2
  • Joined

  • Last visited

Community Reputation

0 Neutral

About PatrickR

  • Rank
    Newbie
  1. Quick Unlock: TouchID timeout

    That's great news. Thank you very much.
  2. Quick Unlock: TouchID timeout

    The introduction of Quick Unlock by TouchID is a huge step forward for the usability of Enpass. However, in my opinion the promised perfect balance between convenience and security is still unmet due to the lack of a critical part: TouchID timeout. TouchID is not 100% secure as demontrated by security researchers who were e. g. able to replicate working fingerprints for TouchID. The logical consequence would be to disable TouchID in Enpass completely. However, this would not only eliminate the convenience benefit but also increase the risk of shoulder surfing. The solution is an adjustable timeout deciding whether TouchID will unlock Enpass or if the master password is required. In my current password manager*, I set it to one hour which is the perfect security/convenience tradeoff in my use cases. Patrick * TouchID timeout ist the missing feature that kept me fromswitching to Enpass.
×