Thoughts and ideas on the Quick Unlock Code

codinghack

As described above, this feature could be turned off (even turned off as the default) if you didn't want to use. If designed cleanly, would enhance security and easy usage.

bydandie

[quote name='codinghack' timestamp='1357175708' post='66709']

As described above, this feature could be turned off (even turned off as the default) if you didn't want to use. If designed cleanly, would enhance security and easy usage.

[/quote]



I agree, and have been discussing this with the support team offline. Forcing this option will only serve to ensure that either the master password will be weaker or that the PIN will be used, which lowers security. Usability always trumps control and forcing behaviour will create undesired effects (how many people use even a pin on their iPhone?).



I'm still baffled by the approach of the dev team to not allow the previous behaviour as an option as this promotes choice, as has been apparent in my emails and on here.

bydandie

[quote name='judegreer' timestamp='1355497900' post='65259']

Well, with khad's reply explaining their motivation but not addresssing the actual request to have the feature added back in, I must assume that AgileBits has no intention of doing so, and will unfortunately have to request a refund from Apple. Sorry AgileBits, but this is unacceptable.

[/quote]



I'm hoping that they relent and add the option back in, as options are good. Having said that, jhollingtons responses probably explain more about why they won't although the simple fact is that master passwords will get short if used all the time, and the quick pin is a better solution than I realised. <img src='http://forum.agilebits.com/public/style_emoticons/<#EMO_DIR#>/wink.png' class='bbc_emoticon' alt=';)' />

Xipper

While I completely understand the intent to make 1P more secure by forcing only the secure (master password) access method, couldn't the previous 2 levels of security evolved? Couldn't the problem with it being "too easy" be modified to allow only X number of false attempts with the simple code before 1P would revert back to using a Master Password? Surely there has to be a way to allow making this simpler, typing complex/long master passwords on a narrow mobile device screen is error prone (and a complete pain). It isn't as though you support wide-screen password entry on the iPhone either, which would at least help.



Surely some hybrid solution with a "false entry" limit for any simple pin code before the pin code is invalidated. If you make the requirement too painful for the master password it does the opposite of making things secure as it encourages people to use short/weak master passwords which is of a much greater security risk than the pin code ever would have been.

codinghack

[quote name='bydandie' timestamp='1357767597' post='67024']

I'm hoping that they relent and add the option back in, as options are good. Having said that, jhollingtons responses probably explain more about why they won't although the simple fact is that master passwords will get short if used all the time, and the quick pin is a better solution than I realised. <img src='http://forum.agilebits.com/public/style_emoticons/<#EMO_DIR#>/wink.png' class='bbc_emoticon' alt=';)' />

[/quote]



I agree. I'm tempted to shorten mine.