Home / GitHub Page

RFC: Button to reveal master key password on mobile?

Since it’s something that would affect everybody, I thought I’d ask here what everybody think about this feature, and whether we really need it.

This is a feature developed by @ishantgupta777, which will add a button that would reveal the master key password on mobile:

https://github.com/laurent22/joplin/pull/2816

It can be convenient in some cases, for example if you forgot your password, or to verify what you’ve just typed, but the drawback is that it can potentially be unsafe, as discussed below:

Without asking user the current password, anyone can see the passwords to master keys.Hence, there should be a prompt confirming the current password.

That’s a valid concern. As it is, if someone takes your device it is very difficult to extract the master key password (you’d probably have to enable USB debugging, and somehow hack it from there). However with this change, it’s just a press of a button. Chrome asks for the device password when doing this, but probably it would be hard for us to do the same from React Native.

So I think that should be at least discussed. Do we so badly need this feature that we make the app slightly less secure for it? And the thing is, it’s not optional, even users who will never need this feature would still have it there, with their password easily exposed at the press of a button.

So I’m wondering, do we proceed with this or not?

1 Like

For those who are concerned about privacy, what if I add a feature which will ask for master password on first app start and then you see these masterkeys only after entering that master password. We can add a new option on settings page where users can choose if they need master password. And as it is limited to mobile only and a separate option, it will not effect sync in any way. This way your privacy won’t get affected as well as you get an option to see masterkey, in case you forget, or change it by mistake. Please tell us, what you think and will this be a feature you all wanna see.

may you want to add the option that Joplin ask for the master key when it is needed.
That is how Firefox does it. It won’t ask for the master password until it needs to read the saved login DB.

1 Like

Sure Sir, I have already started working on that part. I will soon add that feature and then we will be able to use that feature at many other places, I have in my mind. Thanks for help sir.

There’s no Joplin master key though? For Chrome for instance it asks for the device password (or finger print) to reveal the master key. I think that would be the right way, but probably difficult to implement as you need to access native features.

1 Like

I think that some kind of permission prompt should be added with a privacy policy entry added for this. Many mobile devices have a 4 or 6 digit pin approach to this and desktop could implement a similar approach.

1 Like

Sir, what if we ask for a master password from the user for the mobile, it will ask on device first startup and users can change that in setting. If we don’t try to sync that password and keep it mobile only for now. I don’t think adding that will be much of a problem.

Exactly sir that’s what I was thinking.

1 Like

Of course, another approach is 2 Factor Authentication with extra optional FaceID, TouchID and Passcode options available

1 Like

I am not sure if that will be a easy thing to implement using react-native. I will have to check. If that’s possible that can be the best thing. I will look into it. But still, if user doesn’t have any face lock or password, then there has to be an option for password in joplin itself. So for that also, I think we can add password now and then add the option for face id also. If phone lock is present use that, else use joplin password.

that is maybe a future extension. If you have time just look into it and tell how it could be done. Keep in mind what I told you about your PRs :wink:

2 Likes

As long as I don’t have to use/enter a master password when I don’t use encryption, I don’t really care, but I think that using something like a master password should be optional.

2 Likes

I agree with you sir, it should be something that user has the full control of.

I second that. It should also be optional even if you don’t use encryption. Some people will appreciate just having the ability to lock without caring about encryption too. If it’s not directly tied to encryption but can use it, it’s less likely to break or be hard to fix when encryption gets a new feature or overhaul and whatnot.

1 Like

That’s a valid point, but sir can’t we use any app locker for that? Like mostly, this type of user’s want full privacy, so mostly they will have a app locker, because most of the apps don’t provide lock feature. For ex, any social media apps.

Having an app-wide master key is a much bigger issue so let’s not implement anything about this at the moment. It’s a bit related to note encryption, etc. that’s been discussed before.

For this particular issue, the only thing that seems to make sense is to request the mobile phone pin or finger print when revealing the password, as Chrome is doing.

2 Likes

Okay sir, I’ll look at it and will try to implement that.

We kinda went off the original idea here, especially when i suggested 2FA. Ha

1 Like

The best way to handle this is writing a react-native-device-credentials module that can be installed with npm install. But maybe something like this already exists.

1 Like

Thankyou so much sir for the library recommendations, I’ll look at it if it’s present or not. And will add and implement if it’s not present.

1 Like