-
Notifications
You must be signed in to change notification settings - Fork 50
Feature ideas. #43
Comments
Hi @Murton ! Thanks for taking out time to share your feedback.
|
Np and thx for providing some feedback on the ideas. Regarding point 1, it was just an idea to provide added security against screenshots or people looking over the shoulder. Could come in handy if a password needs to be accessed in a crowded space. Regarding point 3, after thinking about it again, I realized that my suggestion wasn't smart all. It would still require the android keychain to store both sides of the password (pointless redundancy). Regarding point 6, most (if not all) of these note apps bundled in manufacturer firmware (including google keep) have the same fatal flaw, and that's privacy. Why does a note app need to communicate with the manufacturer servers if not for spying purposes? In my opinion a note app does not need the permission to access the internet. That feature idea was mostly for the sake of privacy and principles. I'll create a separate issue for point 5. |
I wanted to add a few more ideas to this discussion. They were surfaced in another ticket "Some Questions:: 7- Implement synchronizing backup DB to cloud, e.g. Google Cloud (since almost all Android user have a Google account), Dropbox, or Box. This should be a minimal security risk since the DB file has been encrypted anyways. 8- Simple desktop app allowing to download the DB file locally and edit the notes with a "real" keyboard. I am aware that this is a much bigger ask and project but it still would be really nice. And if this app is written in Java or as Chrome app, it may be even portable across multiple platforms. If the DB format and structure would be better documented (other than via reverse engineering of the source), then I may even give it a shot. 9- Automatic sync with the cloud whenever a change was made and the device is connected to the internet. This would be an extension to 7 above but would possibly require the DB to be reorganized allowing more atomic sync with a remote cloud DB. |
@uromahn : Thanks for your input. (7) Like I mentioned in #42, we want this and will implement it at some point. Just dumping file automatically although convenient, can potentially make database inconsistent (when using multiple devices). We want to do this right every way, so it will take some time. |
1- Hide password fields and make password fields read only (to avoid accidental edit or removal). The password can be revealed via a touch.
2- The tag system is great but I suggest using something else than a space as a delimiter, as some people may need multiple word tags.
3- Fingerprint unlock (without losing two factor auth). Two issues may be brought up with this idea (older phones and security). The fingerprint could be used to store only the last 3 characters of the password, where the rest of the password could be stored in the keychain, which does keep a 2FA system in place. As for the older phone argument, let's be real for a second, how many non tech savy people will look for a secure open source note app? Most tech savy people have newer phones in this economy 😉. The feature should be optional anyway.
4- Search feature. If SealNote is to be used heavily (as a password manager for example), it can quickly become cluttered. A search feature would fix this issue.
5- In-app 2 factor authentication system. For example, if a person was to store their Google account login details on SealNote, why not implement an extra field for those using 2FA for their account? It would allow people to delete the old, obsolete and insecure Google authenticator app (for those who still use that), plus it shouldn't be too hard to implement as there is plenty of freely available code regarding 2FA out there. As for the barcode scanner, those who use 2FA have a barcode scanner installed already.
6- A separate and insecure database to provide a replacement for Google Keep. People could then use SealNote via a Google Keep like widget for daily tasks like shopping lists and todo lists, etc... The issue here would obviously be the confusion factor of secure and insecure features within the same app, but a warning pop-up when an insecure note is created should fix that.
Those are just some ideas to make the app a true "go to" app for everyone looking for secure, open source note and password storage. Please tell me what you guys think about it.
The text was updated successfully, but these errors were encountered: