orgro icon indicating copy to clipboard operation
orgro copied to clipboard
verified publisher icon amake

support biometrics/ app locking

Open gvoysey opened this issue 5 years ago • 6 comments

I store personal and confidential information in my org documents.

As an enhancement, would you consider adding support for optionally requiring FaceID/TouchID/device PIN to unlock the app?

gvoysey avatar Aug 16 '20 13:08 gvoysey

That's an interesting idea. There is a Flutter plugin for that, so it could be doable: https://pub.dev/packages/local_auth

I'm curious, though: how do you secure the file itself? Orgro doesn't store anything so the source file must be accessible through other means; if that's not locked down then adding a lock to Orgro isn't very meaningful.

amake avatar Aug 16 '20 14:08 amake

while it is true that files.app doesn’t have faceID unlock the way some other applications do (yet), i do like having app locks when possible anyway.

My threat model here is overly curious people that I have temporarily loaned my phone to, not anything more truly secure than that until such time as files.app provides real support, perhaps in iOS 14 🤞

gvoysey avatar Aug 16 '20 14:08 gvoysey

You could have orgro encrypt sections per #33 and unlock/decrypt a given file's encrypted sections with biometrics (or a passcoce). That way you can store the keys in a safe app-specific storage location.

Added suggestion: You could also have orgro insert an elisp block which would decrypt the pgo'd text automatically when org-mode in emacs opens/runs the file. Not sure how to reconcile that with safely storing the key though. Maybe insert a password protected version as a comment within the elisp block and decrypt it?

chrstfer avatar Apr 28 '21 09:04 chrstfer

I don't see any API, at least in the Flutter package linked above, allowing use of biometrics to encrypt/decrypt or store values. All it offers is getting a boolean representing whether the user was recognized or not.

amake avatar Apr 28 '21 12:04 amake

I don't think it makes sense to require biometrics or authentication merely to open the app or view plain text files.

But it would make sense to have biometric auth in order to protect e.g. a private key stored in Orgro for decrypting content (see #33).

Relevant libraries:

  • https://pub.dev/packages/biometric_storage
  • https://pub.dev/packages/flutter_secure_storage
  • https://pub.dev/packages/flutter_locker
  • https://pub.dev/packages/local_auth

amake avatar Dec 13 '23 00:12 amake