UX Defect: excessive user interaction with hardware keys configured to require touch

[marcrhansen]

Background

Security best practices for using HMAC-SHA1 Challenge-Response set the hardware key to require touch before supplying the response. This prevents malware from surreptitiously exercising the hardware key with a background process to obtaining current valid credentials. 

Problem

The use of hardware keys as implemented in Strongbox 1.17.0 does not cache the response from the hardware key. Perhaps the developer felt this was more secure. In practice, this forces the user to choose between a burdensome user experience of touching the hardware key for every save or disabling the require touch functionality of the key. IMHO, the system is more secure with Strongbox caching the response of the hardware key and reusing the cached response for all subsequent saves than it will be with the require touch functionality disabled. Unquestionably the cached response must be destroyed when the database is locked. Optionaly, the decision to cache the response could be a user-selectable option. 

Related Issues

#611

[strongbox-mark]

Hi @marcrhansen - Yes, we've got something like this on our backlog