Remove need for pin, when set up with fingerprint

[tomfitzhenry]

It seems that I need to set up a pin, before I can add my fingerprint.

This is a problem either:

1. I choose a weak PIN, and then this is a security issue
2. I choose a strong PIN, and then I have to remember yet another thing.

[pfn]

Pin can never be removed. Fingerprints can be revoked by the system and
would result in an inaccessible database.

On Sun, Mar 20, 2016, 3:52 PM Tom Fitzhenry [email protected]
wrote:

It seems that I need to set up a pin, before I can add my fingerprint.

This is a problem either:

1. I choose a weak PIN, and then this is a security issue
2. I choose a strong PIN, and then I have to remember yet another thing.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub
#20

[tomfitzhenry]

Ah, for users who want fingerprint, but not PIN, rather than asking to set up a PIN, could the user be prompted for their kdbx passphrase, and use that as a fallback instead?

[pfn]

I don't really want to add such a use case flow, in this case, you can
create a really long pin and forget it. Setup keepshare again if the key
gets revoked or the fingerprint doesn't read for some reason

On Sun, Mar 20, 2016, 4:16 PM Tom Fitzhenry [email protected]
wrote:

Ah, for users who want fingerprint, but not PIN, rather than asking to set
up a PIN, could the user be prompted for their kdbx passphrase, and use
that as a fallback instead?

—
You are receiving this because you commented.

Reply to this email directly or view it on GitHub
#20 (comment)