orbot icon indicating copy to clipboard operation
orbot copied to clipboard
verified publisher icon guardianproject

Restrict display Client Authorization

Open xyz-nobody opened this issue 2 years ago • 1 comments

Would it be possible not to display the whole .onion url in :

Onion Services --> Client Authorization

And to put a password on the backup client authorization key function?

The goal is that if someone has our phone in his hand for a moment, he can not immediately read the URIs displayed, or export our keys.

We could display for example the first 6 or 10 characters.

xyz-nobody avatar Feb 10 '23 18:02 xyz-nobody

In Signal when you go to link a new laptop/device to your phone it makes you enter the phone's password preventing someone who grabbed your phone while you had it unlocked and adding a new account.

I think for the time being I'm going to implement this kind of feature around Orbot and specifically with importing/exporting this data.

This is somewhat related to #737 which will put this functionality behind a preference when it comes to opening/closing Orbot

bitmold avatar May 14 '25 18:05 bitmold