bitbox02-firmware
Improve password input security (random order)
If entering the password in a public setting, it is almost impossible not to leak it. The discreet left-middle-right clicks are very easily detected at a great distance.
Although it makes input even harder, the three groups should get shown in random order.
(Should my proposal #743 get implemented, then the alphabet could start looping at a random pace until click occurs. In this mode, the initial click may be very imprecise.)
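A small model of the shoulder-surfing risk discussed in this issue, added here as an illustration and not code from the bitbox02-firmware project. It assumes a hierarchical left/middle/right picker over a 62-character alphabet with a simple contiguous split rule; the real device's layout, character set and split rule are not described here and are assumptions. The model compares what an observer who sees only the taps (not the screen) can infer under the current fixed group order and under the proposed per-step random order.

```python
"""Shoulder-surfing model for a three-button hierarchical character picker.

Assumptions (not the firmware's real layout): a 62-character alphabet and a
contiguous three-way split at every step, refined until one character is left.
"""
import math
import random
import string

# Assumed character set; the real device offers more (symbols etc.).
ALPHABET = string.ascii_lowercase + string.ascii_uppercase + string.digits


def split3(chars):
    """Split the remaining characters into up to three contiguous, non-empty groups."""
    if len(chars) <= 3:
        return [c for c in chars]          # one character per group
    a = math.ceil(len(chars) / 3)
    b = math.ceil((len(chars) - a) / 2)
    return [chars[:a], chars[a:a + b], chars[a + b:]]


def enter_char(target, chars=ALPHABET, rng=None):
    """Simulate entering one character and return the tap positions an observer
    sees (0=left, 1=middle, 2=right). With `rng`, the group order is shuffled at
    every step (the proposal); without it, the order is fixed (current behaviour)."""
    clicks = []
    while len(chars) > 1:
        groups = split3(chars)
        if rng is not None:
            rng.shuffle(groups)
        pos = next(i for i, g in enumerate(groups) if target in g)
        clicks.append(pos)
        chars = groups[pos]
    return tuple(clicks)


def possible_sequences(target, chars, shuffled):
    """Every tap sequence that could be observed while entering `target`.
    With shuffling, the group holding the target may sit at any position."""
    if len(chars) == 1:
        return {()}
    groups = split3(chars)
    own = next(i for i, g in enumerate(groups) if target in g)
    positions = range(len(groups)) if shuffled else [own]
    tails = possible_sequences(target, groups[own], shuffled)
    return {(p,) + t for p in positions for t in tails}


def observer_candidates(clicks, alphabet=ALPHABET, shuffled=False):
    """Characters consistent with an observed tap sequence, assuming the observer
    sees the taps but not the screen."""
    return {c for c in alphabet if clicks in possible_sequences(c, alphabet, shuffled)}


if __name__ == "__main__":
    rng = random.Random(1)  # seeded so the demo is reproducible
    for shuffled in (False, True):
        seen = enter_char("k", ALPHABET, rng if shuffled else None)
        cands = observer_candidates(seen, shuffled=shuffled)
        print(f"shuffled={shuffled}: observed {seen}, "
              f"{len(cands)} candidate characters")
```

Under the fixed order the tap sequence is a unique path through the tree, so the observer recovers the character exactly; under random order the same four taps are consistent with every character, and the only residual leak in this model is whether the last step offered two or three groups. The model deliberately assumes the screen is hidden from the observer; as the reply below notes, if the display itself can be read the reordering buys little.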
Hey @Giszmo, thanks for the input (pun intended :p). I understand the concern, however something like this will likely have a strong negative impact on usability, which is a key component of the BitBox02 design principle (to be the easiest to use hardware wallet). Also, the screen would still be visible to the public, so I think the overall benefit of randomizing the characters is limited. If something like this were to be implemented, it would probably be an advanced option.
I was always wondering if the slider input of the BB would allow scrolling directly through the list of input characters (or blocks of chars: a-z, A-Z, 0-1, ...), which would allow much faster input and improve security. The current method requires multiple interactions just to select a single char. In my opinion this is not very user friendly and tempts you to limit yourself to shorter phrases.
@malesch it would be possible, and ideally we'd like to offer both ways of input.
We tested some prototypes of inputting via scrolling in the past, and while it was a bit more intuitive, it also turned out to be a slower way of entering with the prototypes we made. The reason is that tapping one of the three groups can be done quickly and accurately and committed to muscle memory.
That being said, we didn't iterate a ton on the scrolling variant, so there is room for improving that too, maybe even to the point where it can be as quick as the tapping variant. However, it was always low priority compared to other features since the current way of inputting seems to work very well generally. It is not likely we will work on the scrolling variant anytime soon.
cc @jadzeidan