On 01/03/2018 09:59 AM, Matej Kovacic wrote:
David W. Jones je napisal(a):
Well, Keepass2 Android password manager allows you to unlock your
already-unlocked password store using the last 4 (which is
userr-customizable) characters of the passphrase. Maybe K9 could handle
things similarly?
Well, this is not so bad idea.
K9 now caches passphrase, but I don't like this idea (passwords to be
cached), because someone else can use (abuse) your key. A lot of users
do not use screen lock, or you put down your phone and screen lock is
not yet activated, or someone grabs a phone from you... and then the
attacker can read your emails or even send fake GPG signed and encrypted
mails.
Maybe there should be another setting:
- enter passphrase each time;
- enter passphrase once (until cancellation or reboot), and then cache it;
- enter passphrase once, cache it, but for unlocking cache require PIN
or pattern.
In last case, if someone grabs a phone from you while it is unlocked, he
will still need a PIN or pattern to read emails (and after some
unsuccessfull attempts, cache should be cleared).
Comments?
Keepass2 Android locks when you switch away from it. When you switch
back, it demands either the "QuickUnlock" entry I mentioned above, or
the full passphrase (option is user configurable).
Keepass2 Android also implements its own Android keyboard and clipboard,
so other applications cannot read any passwords from the clipboard.
I don't know how any of that fits into how K9 could handle a passphrase
for encrypting emails, though.
--
David W. Jones
gnomeno...@gmail.com
wandering the landscape of god
http://dancingtreefrog.com
--
You received this message because you are subscribed to the Google Groups "K-9
Mail" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to k-9-mail+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
