Use of Biometric Sensors #65
Comments
|
that is more of a change to GPG but I think the original |
|
Yes that was what i thought. But for example the pass app on my iphone offers finger print auth. So there musrt be a solution. |
|
I'd imagine that if your password store is secured by GPG then at some point the app is storing your GPG passphrase which is arguably not great and even less great on a computer OS that has less security. Don't get me wrong, I like the idea but if it is just a shortcut that involves storing something which isn't supposed to be stored then there has to be a better way. |
As far as my understanding goes this is indeed the only way it can be done. Of course it is possible to look into using Windows Hello to determine whether it is possible to use its API to encrypt and decrypt your GPG passphrase, but it does weaken security, which is rather unfortunate. (In particular, as far as I'm aware, there is no way to implement this on Windows without also granting all other processes running under the same user the ability to decrypt your GPG passphrase at any time, but I'm not too familiar with the Windows Hello API). It is possible that I'm missing something here, and that there is a secure way to do it which I'm simply not aware of. Having said that, I'm not fundamentally opposed to adding an opt-in feature for this if people want it and, and if they themselves are okay with the convenience/security tradeoff resulting from it. |
Maybe it would be great if there was the possibillity to unlock the GPG-Key with some connected biometric sensors. Maybe the App could make use of the Windows-Hello-API. I think that would really improve the quality of using it. Unfortunatly I'm not sure, wether this is possible.
The text was updated successfully, but these errors were encountered: