
Optional PINs per volume, to protect volume passwords a little more #79

Open
marfl wants to merge 6 commits into mrpdaemon:master from marfl:master



marfl commented Mar 10, 2015


This pull request implements the following feature:

  • If password caching is on and a password would be saved (e.g., after unlocking a volume for the first time), the user is asked first if he wants to set an optional PIN for that volume.
  • Whenever the user unlocks a volume for which a password is cached and a PIN is set, he needs to enter that PIN.
  • If a wrong PIN is entered, the volume is not unlocked. If a wrong PIN is entered three times, the password is deleted from the database and needs to be entered again.
  • There are no additional UI elements and the PIN can only be changed by entering a wrong PIN three times or by deleting the volume and adding it again.

With this, users can use secure (and thus hard to remember and type) passwords for their EncFS containers without breaking usability. Still, if someone snatches their device, they cannot simply look at all volumes. At the same time, some volumes that are accessed very often, like volumes with notes, can still be accessed quickly.

This is the same idea I outlined in the discussion for #13. However, I now believe that PINs per volume are a somewhat different feature than a PIN for the whole app and that both features could also coexist.

Last note: PINs and passwords are saved unencrypted in the database, so this is not a security measure against sophisticated adversaries.

Martin Florian added 6 commits February 8, 2015 22:14
Work in progress...

Done so far: once a volume's key is cached for the first time, the user can set
a PIN. During unlocking, the cached key is used only if the correct PIN has
been supplied.

Needs a database update, so all existing volumes must be deleted and re-added
manually (I think).

Also delete cached key on three failed attempts

The PIN and PINATTEMPTS columns should now be created on upgrade from
older versions.

PINs were not deleted alongside passwords when password caching is disabled
in the settings.
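
The PIN flow described in this pull request, modelled as an added example that is not taken from the PR's code. `PIN` and `PINATTEMPTS` are the column names from the commit messages; the table name, the `path` and `password` columns and the function names are assumptions, as are the choices to record each attempt before comparing and to reset the counter on success.

```python
import hmac
import sqlite3

MAX_ATTEMPTS = 3  # from the PR description: three wrong PINs delete the cached password


def open_db():
    # Hypothetical schema; only the PIN and PINATTEMPTS column names come from the page.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE volumes (path TEXT PRIMARY KEY, password TEXT,"
               " PIN TEXT, PINATTEMPTS INTEGER NOT NULL DEFAULT 0)")
    return db


def cache_password(db, path, password, pin=None):
    # Password and PIN are stored unencrypted, as the PR description states.
    db.execute("INSERT OR REPLACE INTO volumes VALUES (?, ?, ?, 0)", (path, password, pin))
    db.commit()


def unlock(db, path, pin=None):
    """Return the cached password, or None if the PIN is wrong or nothing is cached."""
    row = db.execute("SELECT password, PIN, PINATTEMPTS FROM volumes WHERE path = ?",
                     (path,)).fetchone()
    if row is None or row[0] is None:
        return None                      # nothing cached: caller asks for the password
    password, stored_pin, attempts = row
    if stored_pin is None:
        return password                  # no PIN was set for this volume
    # Assumption of this example: record the attempt and commit it before comparing,
    # so killing the app between the check and the write cannot buy extra guesses.
    attempts += 1
    db.execute("UPDATE volumes SET PINATTEMPTS = ? WHERE path = ?", (attempts, path))
    db.commit()
    if pin is not None and hmac.compare_digest(pin.encode(), stored_pin.encode()):
        # Assumption of this example: a correct PIN resets the failure counter.
        db.execute("UPDATE volumes SET PINATTEMPTS = 0 WHERE path = ?", (path,))
        db.commit()
        return password
    if attempts >= MAX_ATTEMPTS:
        # Third failure: drop the cached password and the PIN together.
        db.execute("UPDATE volumes SET password = NULL, PIN = NULL, PINATTEMPTS = 0"
                   " WHERE path = ?", (path,))
        db.commit()
    return None
```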