Andotp: Allow app-only storage without encryption

Created on 10 Sep 2018  Â·  10Comments  Â·  Source: andOTP/andOTP

Hello,

I would like to request the ability to store OTP secrets within the app's own storage (/data/data/org.shadowice.flocke.andotp/) unencrypted. It seems the only way to store them without extra passwords currently is to use Android's credential storage (which has its own problems, e.g. enforcing a lockscreen)

The reason I ask for this is because my automatic backup procedure dumps the entirety of /data. If the secrets in /data are encrypted, my backups will be of limited use - I cannot import them anywhere wihout the help of a working copy of andOTP - which is not always a given. So ultimately my reason for requesting this is portability and independence.

It would be very much appreciated. Thanks!

enhancement security wontfix

Most helpful comment

This is why I don't use this. I really don't want to have to enter anything to be able to get my codes. Breaking backup solutions to achieve that is kind of crap. Would be nice to see this added so I can ditch Google authenticator

All 10 comments

This is why I don't use this. I really don't want to have to enter anything to be able to get my codes. Breaking backup solutions to achieve that is kind of crap. Would be nice to see this added so I can ditch Google authenticator

Sorry, but I won't be doing this. This app is focussed on security and storing the very sensitive OTP secrets in plain text is something that is NOT secure.
Besides that I won't be adding new features after the next stable release since I am doing a rewrite from scratch.

For (re-)consideration: The Android OS is doing the security by separating the app's data directory from all other apps and also encrypting the partition. If people root their phones, keep them unlocked and/or install trojans, that's their fault. Your app should be as easy and comfortable to work with as it can. Providing a similar experience to Google Authenticator would be a main part in that.

I might reconsider that feature at some point, but it is very low on my todo list. In the moment I don't have a lot of time to work on andOTP, so it will definitely not be added this year.

Hi Markus

Do you suggest that the app's usability could be improved
by being less stringent on security? If yes, what is the security feature
that you think can be dispensed with?
I may be completely missing your point here ...

Cheers
Vincent

On Thu, 10 Oct 2019 at 18:23, Jakob Nixdorf notifications@github.com
wrote:

I might reconsider that feature at some point, but it is very low on my
todo list. In the moment I don't have a lot of time to work on andOTP, so
it will definitely not be added this year.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
https://github.com/andOTP/andOTP/issues/226?email_source=notifications&email_token=AADQELRJERI4NSFPUC4P2MLQN5JHPA5CNFSM4FUDU4D2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEA46GMI#issuecomment-540664625,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/AADQELRVXRGR6MNZL6VW6VDQN5JHPANCNFSM4FUDU4DQ
.

@vd1 Exactly this. Let the OS handle the security part (phone lock, filesystem permissions, storage encryption, etc.). Keep the app simple and only let it do what it's supposed to do: Give me tokens and give them to me fast - without having to unlock anything else but my phone. Similar to the experience with Google Authenticator: Unlock phone, touch app icon on home screen, read token.

I mean, technically, this is possible already by using the KeyStore, but judging by the warnings, that is not something you can trust, it seems.

I just want to add that the KeyStore has gotten a lot better over the last year. I haven't heard a lot of complaints recently and I am using it on my daily device since a few months.

Thanks Marcus!
Vincent

On Fri, 11 Oct 2019 at 18:27, Jakob Nixdorf notifications@github.com
wrote:

I just want to add that the KeyStore has gotten a lot better over the last
year. I haven't heard a lot of complaints recently and I am using it on my
daily device since a few months.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/andOTP/andOTP/issues/226?email_source=notifications&email_token=AADQELR2NRX47FDUOA6DYE3QOCSOVA5CNFSM4FUDU4D2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEBAQPZA#issuecomment-541132772,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/AADQELSNJMJUM3LCZ7KQ6HLQOCSOVANCNFSM4FUDU4DQ
.

@flocke I'm sorry, but "has gotten a lot better" is still not sounding very convincing. :wink: It has to be rock solid. I don't want to risk opening andOTP and sitting in front of an empty screen when I'm away from my backup codes.

These issues were only ever reported on lineage/roms, at the end of the day why not try it? Keep your keys in Google authenticator and add some dummy codes to andOTP and make sure they don't disappear

There are many benefits to having custom encryption, backups being a big one

Was this page helpful?
0 / 5 - 0 ratings

Related issues

schoeke picture schoeke  Â·  5Comments

RichyHBM picture RichyHBM  Â·  3Comments

malnvenshorn picture malnvenshorn  Â·  4Comments

BoFFire picture BoFFire  Â·  4Comments

asmw picture asmw  Â·  8Comments