Comments (6)
Hi there 👋
It's been some time, so I don't remember all the details fully, but I'll try my best
I think NoKey doesn't have any features that help against the security issues that come with losing multiple devices at the same time. So if you lose multiple devices at the same time, it's best to consider your accounts compromised. So if that happens, you'll have to change all your passwords to stay safe -.-
But this is really unlikely, so I'm not too concerned about that.
If you only lose one device at a time it's also not great, but at least your passwords always stay safe.
I think in that case it would be best to export the passwords, reset all devices, re-pair all devices and finally re-import your passwords (all of this is found in the "More" tab). This will generate new keys, new shares, etc. so that everything stored on the lost device will be completely useless.
Unfortunately there is no way to re-encrypt all your shares in an easier way.
You can delete a device from your list of trusted devices, but that of course won't remove the secret share that's stored on the lost device.
This would have been a great trigger for such a re-encryption, but that was never implemented
from nokey.
And adding to that answer above, I think implementing such a re-encrypt functionality would actually have been very difficult. The distributed nature of NoKey makes this quite tricky, as devices that are offline wouldn't be able to receive newly generated shares.
So I think this feature would require you to gather all other devices anyway, to make sure they are all online at the same time when this re-encryption occurs.
Achieving good usability with a distributed application is very hard..
from nokey.
And I guess there is also a workaround for this rotation without doing the export / import process, if you have enough devices, I think 4? But it's even worse UX wise:
Remove 2 devices and reset them. Pair them again. store a new made up login in them.
Then, pair those to your other 2 devices that still contain all your passwords. Then you will have 2 different password groups with security level 2, one with the new login, one with all your old logins.
Then you could move all logins from the old password group into the new one.
But yeah, this is even worse..
from nokey.
Thanks for your answer!
So I think this feature would require you to gather all other devices anyway, to make sure they are all online at the same time when this re-encryption occurs.
Yeah but I think this is acceptable, it's much more user friendly to gather all devices and click re-encrypt, than to export/re-create/re-import.
from nokey.
BTW, so this project is no longer actively developed?
might be a good idea to note this in README, or archive the repository? anyway, just a suggestion. I didn't realize this is no long active and am now a bit sad 🥲
from nokey.
Yeah but I think this is acceptable, it's much more user friendly to gather all devices and click re-encrypt, than to export/re-create/re-import.
Agreed, but at least it's somehow possible.
BTW, so this project is no longer actively developed?
might be a good idea to note this in README, or archive the repository? anyway, just a suggestion. I didn't realize this is no long active and am now a bit sad smiling_face_with_tear
Yeah, I'm not adding any new features and won't be maintaining the apps on the different stores if google ever decides to kill it for some reason.
But I will definitely keep the server and the web app alive, since I'm still using this as my personal password manager.
You're right, I should definitely add this to the README and make it prominent.
from nokey.
Related Issues (20)
- Popup is blank on Firefox
- Icon isn't centered on android HOT 1
- Add online services
- icons are also displayed even if we know this can't be a login field
- "Chose login" sometimes overlaps with login button
- Remove popup as soon as notifications are gone
- Redirect not working if extension active
- Not working if login inside iframe
- Submit login not always detected HOT 1
- don't open popup if the number of notifications decreased
- Confusing device icon HOT 1
- Add doc details on security HOT 7
- APK for v0.4.0 missing from releases tag HOT 8
- Doesn't work on Android 6.0.1 HOT 5
- .xyz domain - tracking HOT 3
- Generate readable passwords HOT 3
- Firefox extension (and webapp opened in Firefox) not working HOT 7
- I love this app, could we get more updates? HOT 1
- Any change this could compile to Android API 18 with minimal to no changes? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nokey.