Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disclose password when open DB by biometric #504

Open
vitaly0galimsky opened this issue Aug 23, 2023 · 1 comment
Open

Disclose password when open DB by biometric #504

vitaly0galimsky opened this issue Aug 23, 2023 · 1 comment

Comments

@vitaly0galimsky
Copy link

When you enable checkbox "show password" and open database by biometric (without enter the password) you will disclose your password.

Screenshot_20230823-094920
@0xGitGuy
Copy link

0xGitGuy commented Feb 5, 2025

Correct me if I'm wrong. Once you encrypt the password with your biometric, the encrypted password is stored on the phone. So once you decrypt using your biometric, the password is revealed.

I wonder if there's a better way to do this without ever revealing the password in plain text, but instead handle it in a secure enclave in the hardware of the phone?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vitaly0galimsky @0xGitGuy