Remove need for pin, when set up with fingerprint

[tomfitzhenry]

It seems that I need to set up a pin, before I can add my fingerprint.

This is a problem either:

1. I choose a weak PIN, and then this is a security issue
2. I choose a strong PIN, and then I have to remember yet another thing.

[pfn]

Pin can never be removed. Fingerprints can be revoked by the system and would result in an inaccessible database.

On Sun, Mar 20, 2016, 3:52 PM Tom Fitzhenry [email protected] wrote:

It seems that I need to set up a pin, before I can add my fingerprint.

This is a problem either:

1. I choose a weak PIN, and then this is a security issue
2. I choose a strong PIN, and then I have to remember yet another thing.

— You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub https://github.com/pfn/keepshare/issues/20

[tomfitzhenry]

Ah, for users who want fingerprint, but not PIN, rather than asking to set up a PIN, could the user be prompted for their kdbx passphrase, and use that as a fallback instead?

[pfn]

I don't really want to add such a use case flow, in this case, you can create a really long pin and forget it. Setup keepshare again if the key gets revoked or the fingerprint doesn't read for some reason

On Sun, Mar 20, 2016, 4:16 PM Tom Fitzhenry [email protected] wrote:

Ah, for users who want fingerprint, but not PIN, rather than asking to set up a PIN, could the user be prompted for their kdbx passphrase, and use that as a fallback instead?

— You are receiving this because you commented.

Reply to this email directly or view it on GitHub https://github.com/pfn/keepshare/issues/20#issuecomment-199058000