thunderbird-android icon indicating copy to clipboard operation
thunderbird-android copied to clipboard
verified publisher icon thunderbird

Biometrics to open the email app

Open FMorschel opened this issue 2 years ago • 3 comments

Checklist

  • [X] I have used the search function to see if someone else has already submitted the same feature request.
  • [X] I will describe the problem with as much detail as possible.
  • [X] This issue only contains a request for one single feature, not multiple (related) features.

App version

6.714

Problem you are trying to solve

I'd like to keep my email more secure. I live in a country where stolen phones are really common. There is a trend of phones being stolen while the owner has them unlocked, and they try not to click on the button to keep the screen on so they can access the data.

Suggested solution

I'd like to propose that the email app has a security feature similar to the one on the desktop app, where there is a need for a password.

My actual request would be to have a password to lock the email app and possibly allow biometrics to unlock it.

There could be a timer to lock it again similar to what WhatsApp already has.

Screenshots / Drawings / Technical details

Options available on WhatsApp as a reference:

Aditional information

The last switch was already asked at #7529.

FMorschel avatar Jan 19 '24 11:01 FMorschel

Trying to defend against an attacker that gets access to an unlocked device on an app level is unreasonably costly (in terms of development and maintenance cost) and still leaves you unprotected in case you had the email app open while the device was stolen.

I suggest you look into solutions that can automatically lock your device when it is stolen. E.g. lock the device when the Bluetooth connection to a device that you keep on your body is lost.

cketti avatar Jan 19 '24 12:01 cketti

I'm aware that I would still be unprotected if the email was open, and this exact behaviour of locking the app can be mostly created as well with apps like Kaspersky which can make apps need a fingerprint or a code to open, but that is still not ideal because when you open the app, sometimes it takes some seconds for the Kaspersky app to lock it.

I would still look into those options you mentioned, of course, but I would really appreciate it if this was at least not discarded up-front. I intend to make some contributions to OSS in the future, but I'm not familiar with Android development specifically yet, so if this issue could stay open here, to someone else to open a PR or even myself in the future, I'd be very grateful.

FMorschel avatar Jan 19 '24 12:01 FMorschel

Essential feature for an email app. Access to email on a stolen phone is catastrophic as email is often used to reset passwords. I also help if one lends the phone to a child or other person with permission and you do not want them to see your mail or fiddle with it. The Norton app lock is a pain as not sure it uses biometrics.

adingbatponder avatar May 07 '24 20:05 adingbatponder