Authenticator
Support for CloudKit sync
Hi, I know and understand your reasoning behind NOT sharing credentials outside of the app sandbox.
But I would consider it a very beneficial feature if something like CloudKit syncing were supported. Especially when done with a proper pass phrase used as a basis for a symmetric encryption key.
How fundamental is your stance on NOT allowing any syncing? I would welcome it very much IF executed correctly. (And I could try and have a stab at it.)
To make this work in the current codebase I think the settings should be stored with https://developer.apple.com/documentation/foundation/nsubiquitouskeyvaluestore
I would store the secrets through that mechanism as well. But to keep your ownership requirement you could encrypt the settings with a passphrase that is stored on this device only. Users can then choose to transfer all tokens by entering their pass phrase on another device. I would suggest requiring a pretty long phrase, maybe even generating a random one.
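Added example, not part of the thread or the project's code: a Swift sketch of the passphrase-encrypted sync blob proposed above, using PBKDF2 from CommonCrypto and AES-GCM from CryptoKit before writing to `NSUbiquitousKeyValueStore`. The blob layout, salt length, iteration count, function names and the store key `tokens.v1` are assumptions made for this example.

```swift
import Foundation
import CryptoKit
import CommonCrypto
import Security

enum SyncCryptoError: Error { case randomFailed, keyDerivationFailed, malformedBlob }

// Parameters chosen for this sketch, not values from the project.
let saltLength = 16
let pbkdf2Rounds: UInt32 = 600_000

/// Stretch the passphrase into a 256-bit key with PBKDF2-HMAC-SHA256.
func deriveKey(passphrase: String, salt: [UInt8]) throws -> SymmetricKey {
    var derived = [UInt8](repeating: 0, count: 32)
    let status = CCKeyDerivationPBKDF(
        CCPBKDFAlgorithm(kCCPBKDF2), passphrase, passphrase.utf8.count,
        salt, salt.count, CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA256),
        pbkdf2Rounds, &derived, derived.count)
    guard status == Int32(kCCSuccess) else { throw SyncCryptoError.keyDerivationFailed }
    return SymmetricKey(data: derived)
}

/// Assumed blob layout: salt || nonce || ciphertext || tag.
func encryptForSync(_ plaintext: Data, passphrase: String) throws -> Data {
    var salt = [UInt8](repeating: 0, count: saltLength)
    guard SecRandomCopyBytes(kSecRandomDefault, salt.count, &salt) == errSecSuccess else {
        throw SyncCryptoError.randomFailed
    }
    let key = try deriveKey(passphrase: passphrase, salt: salt)
    let box = try AES.GCM.seal(plaintext, using: key) // random 96-bit nonce per call
    guard let combined = box.combined else { throw SyncCryptoError.malformedBlob }
    return Data(salt) + combined
}

/// Throws if the passphrase is wrong or the blob was modified in transit or at rest.
func decryptFromSync(_ blob: Data, passphrase: String) throws -> Data {
    guard blob.count > saltLength else { throw SyncCryptoError.malformedBlob }
    let key = try deriveKey(passphrase: passphrase, salt: [UInt8](blob.prefix(saltLength)))
    let box = try AES.GCM.SealedBox(combined: blob.dropFirst(saltLength))
    return try AES.GCM.open(box, using: key)
}

/// Only the encrypted blob leaves the device; the passphrase itself is never synced.
func pushToICloud(tokens: Data, passphrase: String) throws {
    let blob = try encryptForSync(tokens, passphrase: passphrase)
    NSUbiquitousKeyValueStore.default.set(blob, forKey: "tokens.v1") // hypothetical key name
}
```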
Please do not implement syncing. It invalidates the 'something you have' validation. It would eliminate the 2nd factor in a 2-factor authentication. It's one of the reasons I avoid Authy.
Making it an opt-in feature could be a good idea.