Touch ID, Pin Code or Password Protected Projects

Hi, lets say for example my child played around with my iPad without permission and started opening apps and playing around. Have you ever considered letting us protect our projects or the app itself?

I use this feature in some apps like Onenote and Onedrive.

Bump!

Yes. This is a definite feature request for me. I was just searching how to do this. What good it is backing up and triple backing up documents that can be modified by anyone with access to the device? iPads don’t have accounts, so some security measure would not be out of order. Would this be a significant change or just minimal coding?

Thanks in advance

Yes please specifically for iOS - don’t mind if it is one password but I would like to know that my work is safe from prying eyes.

N

If the device is locked or powered off (with an unlock code), your data is protected by Apple’s encryption, which is good enough that the FBI couldn’t break it. This is the best protection against both theft and the “child plays with iPad without permission” problem: lock your device, and don’t unlock it for untrusted users.

Katherine

To be fair, there is a common use-case that isn’t covered: someone DOES have permission to use the device but may not know enough to be able to stay out of Scrivener. “Trusted” isn’t necessarily a full binary “they can use the device fully or not use it at all.”

I think the underlying problem is that this is a device designed by Apple to be for one user, not several people, not sometimes the kids, etc. It’s not meant to be used like a laptop in that sense, and because of that there is no facility for having “my” files and “your” files, and all app icons are bundled directly together with user data.

Implementing Touch ID, where each developer of every application does so individually as a way to try and create some sort of pseudo multi-user environment, doesn’t strike me as a very elegant approach to the problem. Then we have one person using this program, nobody else can ever write with it, and another person that uses the device “owns” this app over here, nobody else can ever draw with it. Maybe for one person here and one family there such a scenario would be okay, but this is not the kind of solution that scales well.

For the rest though, yeah, the issue is that the device was left unlocked, wide open, and one particular app within it was then also accessible. It’s not just our app that was accessible everything was. Should every developer implement Touch ID on top of Touch ID? That, also seems like an inelegant solution. If Apple meant for there to be two layers of authentication, one to view the Home screen icons and weather, and the other to tap on any app, then they would have implemented it that way—it should not be up to every single app developer to go about effectively creating that somewhat awkward situation (unless what it is storing is clearly the sort of thing that should never be left open, like passwords & banking).

Besides, even if we did that, it wouldn’t protect anything. From kids or a malicious person the icon could still be deleted from the screen (and as noted that’s a data destroying activity on this OS), and for anything else where actual privacy or security is involved, if the device isn’t locked down in the first place then it can be plugged into any computer and the contents of the Scrivener documents folder extracted with ease. A little biometric gateway that exists purely in user land is not security, it’s a facade.

So really the request is to retool the storage format, lock it down, encrypt it and make it impossible to use except for with Scrivener and your thumb. That would go against the entire design premise of the format, which is as an ethical premise based on transparency, openness and easy to reverse-engineer schemas so that your data is never trapped in software.

Well that’s my two cents anyway. I’m not saying that Apple isn’t presenting us all with a conundrum here, and that in some cases one might want to use a device this way or even have legitimate reasons to, the burden is on Apple for having created this context. What I am saying is that this is trying to solve an OS limitation from the standpoint of hundreds of thousands of third-party developers all being asked to individually and collectively patch Apple’s context: that’s the issue I take with the idea.

Just a quick addendum to Ioa’s comment. Whether Touch ID is a good alternative to a numeric unlock code is very situation dependent.

A number of people have posted here who are reporters trying to protect their sources. I would absolutely not recommend Touch ID for those situations. Fingerprints are considered public information in the US, and so law enforcement agencies can demand that you supply them without much due process. The Supreme Court has held that they need a warrant to force you to supply an unlock code, and in some states reporters’ shield laws may provide even more protection.

More generally, it’s not that difficult to “steal” someone’s fingerprints from an object they’ve handled, and unlike an unlock code your fingerprints are of course impossible to change.

Katherine