Andotp: The app should 're-lock' (require credentials again)

Created on 13 Aug 2017  路  8Comments  路  Source: andOTP/andOTP

I would like it to re-lock and request device credentials again:

  • [x] Immediately after the screen has been locked
  • [x] After a certain time of non-usage (e.g. 60 seconds)
  • [x] Maybe: when exited through the back button
enhancement help wanted security

All 8 comments

  1. This seems reasonable, I will look into it.
  2. Maybe. I still have to find a good way to detect user inactivity on Android ... anyone who knows how to do this feel free to submit a pull request.
  3. This should already happen. If I exit my app with the back button and switch back to it it will ask for authentication again.

Indeed, 3 seems to work. I probably pressed the menu button.

I just implemented 1, it will be included in the next release.

Awesome! Thanks for your work.

I bet you never saw this coming but, can we have 1 as an option? About once a month I go on a maintenance spree, using 2FA ~20 times in a row. So I have to unlock the app a lot!

Sure, I had the idea already to make it optional. Just never had time to implement it.

@icetbr Just implemented it, will be in the next version.

The last point (re-lock after inactivity) was just implemented in #390 :tada:

Was this page helpful?
0 / 5 - 0 ratings