chain-desktop-wallet icon indicating copy to clipboard operation
chain-desktop-wallet copied to clipboard

Published 20 hours ago verified publisher icon crypto-com

Feature: Timeout on password entry

Open crypto-matto opened this issue 2 years ago • 0 comments

Background

There’s always a dilemma between security & convenience. While enforcing every transactions to input password increases security, which also creates inconvenience among users.

We shall strike a balance.

Suggestion

Agreed by Security Team, within a suggested period of time (e.g. 10 mins) after every successful transaction, we can allow users broadcast a transaction without entering the password again.

Task

  • [ ] The decrypted phrase / password shall be stored across the wallet, and remain usable until expiration
  • [ ] Apply this stored decrypted phrase / password in all places
  • [ ] Above of every transaction confirmation button, there's an option for user to checkout whether to skip password entry for certain period of time
  • [ ] Upon expiration, the stored decrypted phrase / password shall be removed

crypto-matto avatar May 30 '22 03:05 crypto-matto