Comment by ufmace - Hacker Neue

ufmace 2 days ago parent

I don't think this makes a lot of sense because, if the password is quick and easy to type, it can probably be cracked by any such device in the time it takes for a single keystroke. A long and complex password might hold up okay, but for it to actually be secure, you would have to type in the whole password on a phone keyboard every single time you opened the app, which sounds like a terrible experience.

I think, if you were actually willing to do that, it would probably be about as convenient and at least as effective to leave the device powered off and rely on the device full disk encryption and hardware security to protect the data at rest, only powering it on occasionally to check or send messages, then immediately powering back off.

anonym29 1 day ago

You do not have to type the whole password every time you open the app, only when the database is locked. You can manually lock from an unlocked state whenever you want, even from other contexts (the button to lock it is available in the background notification) or configure an automatic timeout (which is granular down to the second) to lock the database.

This item has no comments currently.