MobileKidsIdApp icon indicating copy to clipboard operation
MobileKidsIdApp copied to clipboard
verified publisher icon HTBox

Implement Idle App / Re-Login Behavior

Open bseebacher opened this issue 7 years ago • 5 comments

As a user, I expect to provide my password on initial setup and when the application is started. After the app resumes from sleep, the password is presently not required. Since mobile OS platforms are aggressive about using sleep behavior, this may result in the application not being fully shut down for extended periods, leaving the application open for viewing without a password prompt.

As the product owner, I need to decide how to balance usability (minimizing password prompting) and security (checking credentials). We have the capability to prompt for password every time the app resumes from sleep, but it may not be desirable to force this on the user on every load. Some sort of timeout mechanism may be possible to implement as a compromise.

bseebacher avatar Nov 10 '18 21:11 bseebacher

In talking to @tlhotkamcm it sounds like the preferred approach is to use a timer so the app locks after a few minutes of inactivity.

rockfordlhotka avatar Nov 24 '18 22:11 rockfordlhotka

@rockfordlhotka We have two states to consider: what happens when the app comes to the foreground from the background and what we manually lock while in foreground due to "inactivity."

We can easily force the login each time the app is brought up from the background and persist the work the user was doing by overlaying the login page.

For the foreground, the concept of "inactivity" in iOS and Android are vague. While in the foreground, the app is continually running, but what is "inactivity"? There is a layer of security where devices should have passcodes and lock screens, but (in these scenarios), we cannot depend on the users to have such passcodes and lock screens. So, back to the original question: if we assume the user is in the foreground and we start a timer while the user is using the app in the foreground:

  1. What do we determine as inactivity? E.g. no navigation has occurred? Any more granular than that and the "inactivity tracking" implementation will be quick pervasive. What if the user is simply reading the content docs? There is some navigation there, but also a lot of text. Either way, we should set a high enough inactivity to recognize if the users are spending a respectable amount of time on any given screen.

  2. What should that timeout period be for for the app in the foreground to meet the conditions of "inactivity" (item #1)?

My opinion would be to

  • Force the authentication every time the app is brought into the foreground
  • Only track navigation for purposes of "inactivity". This can be easily done in the few navigation methods in ViewModelBase.
  • Set an inactivity timer of 10 minutes. 5 minutes feels too short.

jacob-maristany avatar Jun 05 '20 19:06 jacob-maristany

I talked to @TeresaLhotka about this, and she thinks you are correct. The 10 min timeout seems right, as does forcing authn when the app is brought into the foreground.

rockfordlhotka avatar Jun 05 '20 22:06 rockfordlhotka

@rockfordlhotka @TeresaLhotka , I realized today that sometimes we (users) put the app into the background temporarily as we check email/etc and then bring it back up in quick order. My proposition to force the user to re-auth 100% of the time that they bring the app into the foreground seems overkill. I'm proposing to set a limit of a minute or so (maybe 2?). If the user brings the app back to the foreground in that short window of time, then they will not have to re-auth.

Also, since this isn't captured elsewhere yet other than the Project board, I'm going to spend some time this summer putting in biometric auths as an option for the user (touch id, face id, etc.) As how these tech always work, the password will still be there and a fallback to the biometric auth.

jacob-maristany avatar Jun 12 '20 15:06 jacob-maristany

That seems reasonable. It does seem unlikely that a return to the app within a minute of putting it in the background will greatly increase the risk of access by unauthorized users. I love the addition of the biometric authorizations. Thank you for all that you are doing!!!

Get Outlook for iOShttps://aka.ms/o0ukef

From: Jacob Maristany [email protected] Sent: Friday, June 12, 2020 10:50:25 AM To: HTBox/MobileKidsIdApp [email protected] Cc: Teresa Lhotka [email protected]; Mention [email protected] Subject: Re: [HTBox/MobileKidsIdApp] Implement Idle App / Re-Login Behavior (#310)

@rockfordlhotkahttps://github.com/rockfordlhotka @TeresaLhotkahttps://github.com/TeresaLhotka , I realized today that sometimes we (users) put the app into the background temporarily as we check email/etc and then bring it back up in quick order. My proposition to force the user to re-auth 100% of the time that they bring the app into the foreground seems overkill. I'm proposing to set a limit of a minute or so (maybe 2?). If the user brings the app back to the foreground in that short window of time, then they will not have to re-auth.

Also, since this isn't captured elsewhere yet other than the Project board, I'm going to spend some time this summer putting in biometric auths as an option for the user (touch id, face id, etc.) As how these tech always work, the password will still be there and a fallback to the biometric auth.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/HTBox/MobileKidsIdApp/issues/310#issuecomment-643345867, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AJVFMSHBD7JQYZCXUZQCG6LRWJFEDANCNFSM4GDAYC5A.

TeresaLhotka avatar Jun 12 '20 16:06 TeresaLhotka