Support Touch ID for Authy Extension
Extension – Authy
Author: @guga4ka
Describe the feature and the current behavior/state. Add a layer of security to accessing OTA codes, for instance the Authy iOS app supports Touch ID, ideally add an option to require system login auth to show the list of OTA codes after the command to open them is activated.
Who will benefit from this feature? Anyone wanting to secure their OTA codes if the workstation were breached.
Any Other info. https://www.electronjs.org/docs/latest/api/system-preferences#systempreferencesprompttouchidreason-macos
Raycast isn't an Electron app, and currently doesn't support Touch ID. I thought several times about security aspects and the single option that I could imagine is a master password, but it might be a bit rudimental to have a separate password for OTPs.
Yeah, I suspected as much, Electron information was all I could find on V8 and Touch ID :(
Authy app also supports a 4 number pin code, maybe that could work instead?
Whichever way you choose (TouchID, Pin Code, Master PW), I believe the extension needs some additional protection. Currently, the only option is to store the master pw permanently, which is quite insecure.
I'm sorry for being silent for so long, but due to the war in my country, I couldn't contribute a lot. Let's try to figure out all requirements.
I got a few questions:
- Should I use a backup/master password to unlock access? The con of this approach is a long password; I'm using a 128-character password and couldn't input it manually. Also, users who do not want to protect their OTPs still need to pass the backup password to encrypt their OTPs.
- Separate password. I will leave the backup password as a preference of the extension and the user would be able to set up the password he wants.

Here is a small demo of the 2nd option:
https://user-images.githubusercontent.com/13866979/200345771-e3619081-b0a1-4ce4-8a0e-6fd78550c868.mov
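The separate-password option discussed above, as an added example that is not the Authy extension's or Raycast's code: the cached OTP seeds are encrypted under a key derived from the unlock password, so neither the password nor the seeds sit on disk in the clear. It assumes Node.js `crypto`; the function names, scrypt parameters and sample seed are hypothetical.

```javascript
// Added illustration; lockSeeds/unlockSeeds are hypothetical names,
// not functions of the Authy extension or the Raycast API.
const crypto = require("node:crypto");

// scrypt cost parameters (assumed values; maxmem raised so N = 2^15 fits).
const SCRYPT = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

// Derive a 256-bit key from the separate unlock password and a per-blob salt.
function deriveKey(unlockPassword, salt) {
  return crypto.scryptSync(unlockPassword.normalize("NFKC"), salt, 32, SCRYPT);
}

// Encrypt the OTP seeds with AES-256-GCM; only the returned blob is stored.
function lockSeeds(seeds, unlockPassword) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const key = deriveKey(unlockPassword, salt);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([cipher.update(JSON.stringify(seeds), "utf8"), cipher.final()]);
  return {
    v: 1,
    salt: salt.toString("base64"),
    iv: iv.toString("base64"),
    tag: cipher.getAuthTag().toString("base64"),
    ct: ct.toString("base64"),
  };
}

// Return the seeds, or null when the password is wrong or the blob was modified.
function unlockSeeds(blob, unlockPassword) {
  try {
    const key = deriveKey(unlockPassword, Buffer.from(blob.salt, "base64"));
    const decipher = crypto.createDecipheriv("aes-256-gcm", key, Buffer.from(blob.iv, "base64"));
    decipher.setAuthTag(Buffer.from(blob.tag, "base64"));
    const pt = Buffer.concat([decipher.update(Buffer.from(blob.ct, "base64")), decipher.final()]);
    return JSON.parse(pt.toString("utf8"));
  } catch {
    return null; // GCM tag check failed: wrong password or tampered blob
  }
}

// Constructed sample seed, not a real account secret.
const sampleBlob = lockSeeds({ "example.com": "JBSWY3DPEHPK3PXP" }, "separate-unlock-password");
console.log(unlockSeeds(sampleBlob, "separate-unlock-password"));
console.log(unlockSeeds(sampleBlob, "wrong-password")); // null
```

A 4-digit PIN has only 10,000 candidates, so a blob protected this way can be brute-forced offline once copied; a PIN is better suited to gating access to a key held in the OS keychain than to deriving the key itself.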
> separate password. I will leave backup password as a preference of extension and user would be able to set up password he wants
Looking good, maybe easiest to restrict it to a 4 digit PIN code, as the iOS/Android apps do. Yes, do keep the backup password separate :)
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs in the next 7 days to keep our backlog clean 😊
I'm closing this due to inactivity; feel free to comment in the thread when you're ready to continue working on it 🙂 You can also catch us in Slack if you want to discuss.