PIN or passcode lock for InkDrop app


#1

Hello,

InkDrop security is already good (encryption at rest and in transit) but I’d like to be able to lock the Windows application so a PIN or a passcode is required when launching it, or after a period of idle time. I also use StandardNotes, which has the passcode feature.

This is useful in situations where I may need to allow someone else to use the laptop (e.g. support personnel) but I don’t want them to be able to open my notes.

Roger


(Takuya Matsuyama) #2

Hi Roger,

Thank you for the suggestion.
Some apps focusing on security like StandardNotes and 1Password support the lock feature, which seems to be useful.

However, I basically assume that your computer is always used by you.
You have to lock your computer itself every time you leave it so that someone else can’t use it.
When you need to allow someone else to use it, I think, just logging out is sufficient to protect your notes.

Allowing other person to use your computer involves a large security risk that he/she could see your personal information in many ways such as local files in your hard disk, email client, calendar, browser with a lot of credentials, etc. And the system basically assumes that a current user is you. Do you need all apps to support the lock feature?

I don’t mean that I completely disagree with you.
I just would like to know why it’s so necessary, especially for Inkdrop.

Thanks!


#3

Thanks for replying: I understand your point of view. Most users of InkDrop probably use it only on their own personal laptop, but I had it installed on my work laptop, which of course isn’t mine and occasionally other people (mainly IT support staff) will have access to it.

You’re right of course - all I need to do is sign out after every session, but most users just close the application (without signing out) which presumably means the database remains unlocked and anyone else accessing the computer (locally or remotely) would then be able to run the application without authenticating? A PIN-code (like StandardNotes) would prevent that, and would be quicker than email + password.

But this is a low-priority issue: there are many other things more deserving of your time!

Thanks for replying, and for developing InkDrop - it’s a great product.

Roger


(Takuya Matsuyama) #4

anyone else accessing the computer (locally or remotely) would then be able to run the application without authenticating?

Do you mean you are sharing your Windows account with your IT support staff?

If no:

It’s safe.
When other person launched Inkdrop, it will show up the login screen because it’s not you. Your login credentials are stored in Windows Credential Vault. The app calls CredRead API to read a credential from the user’s credential set. The credential set used is the one associated with the logon session of the current token.
On Windows, there’s no sudo equivalent command possible unless they know your password. So administrators can’t use it as you.

If yes:

It’s a wrong account management. You have to separate your account from IT staffs.

Thank you for your understanding.
Hope that helps!


#5

No, I’m not sharing my Windows account with anyone.

The second part of your reply is what I needed to know: I’m happy as long as nobody else accessing this machine can access the InkDrop database contents.

Thanks again for replying and for InkDrop.

Roger


#6

Just a side note. The local DB is not encrypted at rest like the cloud DB is. Is that correct?


(Nick Spreitzer) #7

Apparently, yes, that is correct:


(Takuya Matsuyama) #8

Yes, for the performance reason.


(Nick Spreitzer) #9

I’ve repeatedly found myself on this thread because there are two things I really like about Standard Notes over Inkdrop, both of which center around privacy and security: 1) SN can be locked with a passcode, and 2) SN encrypts all local data, including backups. Even though it’s unlikely that someone would access my computer without my permission, the probability is still higher than zero and I would prefer the comfort of knowing that even under that circumstance, nobody could access my private notes. I know that you’re already working on adding E2E encryption to Inkdrop; I hope that adding a passcode/PIN will be included as part of that effort.

No, because the notes I enter in Inkdrop are much more sensitive than what’s in my email client, calendar, browser, etcetera.

+1 to this ^^.

Anyway, I haven’t been able to bring myself to use SN or any other note taking app because I personally think Inkdrop is the best application of its type that currently exists. I just wanted to pass along my feelings about adding a PIN/passcode feature.


(Takuya Matsuyama) #10

I understand your worry. But I guess it’s a personal preference because I still don’t think it’s necessary for me. FileVault or something like that is enough to protect my data.

You would like to just ensure with passcode/PIN that your notes can’t be accessed easily just in case?
Or, you need all local data encryption?

At least I can say now is that local data encryption will have a big performance issue as I said.
I don’t know how Standard Notes overcame this problem, but it must be very very hard.
I’d rather focus on providing quick access to notes without overheads of en/decryptions.

E2E encryption is significant because your data could be currently revealed on the Inkdrop server in principle. So it matters for everyone. On the other hand, PIN/passcode lock would be an option.
My dev resource is limited and I would like to put my efforts where it will have the most impact on the user, in terms of features.

I appreciate your suggestion and I’m so happy to know you like using Inkdrop. But I’m afraid to say no at the moment.


(Nick Spreitzer) #11

I guess what I really want is to have Inkdrop automatically lock after a set period of inactivity so that my notes are not “accidentally exposed”. Then I’d like to be able to unlock the application with a simple PIN or passcode, which is much more convenient than typing my email address and password. Local encryption would be great, but not if it involves a significant performance loss.

I totally understand. Would it be possible to write a plugin that adds a keyboard shortcut that logs the current user out and closes the app? Signing back in still wouldn’t be very convenient, but having a quick way to log out would be a decent enough solution. If Inkdrop could be set to remember the last entered email address, that would be even nicer.


(Takuya Matsuyama) #12

You can make a plugin that executes following commands:

  • application:logout
  • application:quit

I would discuss about screen lock feature with other people once the new desktop app is out.
Thanks!


(Nick Spreitzer) #13

Perfect. Now I just have to find some time. :slight_smile: