[Feature] Biometric/FaceID/PIN protection

patar · April 3, 2021, 4:49pm

Platform

[X] iOS
[ ] Android

Obsidian Mobile version: v0.0.15

Would love to see FaceID protection on the app. It’s a decently common feature among other mobile journaling apps, along with a PIN lock for instances when biometric login isn’t working.

It’s not about encrypting the notes or fully protecting a synced vault - more just that it’s usually easier for someone to get into your phone than your computer.

Mirtma · April 6, 2021, 7:44am

I would like to see that on Android too.

scott1 · May 26, 2021, 5:12am

Yes, please — I’d like some security to protect notes in the event the phone is stolen etc.

orand · December 15, 2021, 5:36am

Here’s another vote for Face ID / Touch ID / PIN option when launching or returning to the app after a configurable time period. I use Day One for journaling and would like to replace it fully with Obsidian, but as long as someone can just tap the app icon to jump straight to my most recent notes if I’ve temporarily handed them my iPhone/iPad, it’s a non-starter.

kim-lindhard · April 4, 2022, 8:15am

Platform

[] iOS
[X] Android

I also vote for a way to secure the app, i don’t like the fact that the sensitive information i put in Obsidian is this easy to get access to

Sentiment · April 17, 2022, 6:17am

Yes, please.

BambooBastille · January 31, 2023, 1:39pm

+1. Please

Jopp · February 11, 2023, 6:58pm

A PIN protection would be sufficient. Our “vault” is not really a vault until we can lock our vault.

A clear and absolute NO to any biometric stuff however - such “cozy” features are phone-exclusive and overkill for an app feature.
Security isn’t something to toy around. I’d hate if scanning faces would become a normality. What said B. Franklin?

“Those Who Sacrifice Liberty For Security Deserve Neither”

ionos · March 20, 2023, 10:50am

+1, please

Other thoughts:

Allow for PIN that is different from the device PIN/passcode (i.e. do not allow unlocking with device PIN if FaceID fails, user’s choice)
Option to set the PIN application-wide or vault-specific

orand · April 29, 2023, 2:16am

Here’s a little shortcut I made that enforces Face ID when opening the Obsidian mobile app on iOS. Just create an automation that runs this shortcut whenever the Obsidian app opens.
https://www.icloud.com/shortcuts/d5f1ae80d7fe4e00bddd1a11bfd0f732

You’ll need to install the free Actions app first to be able to set a global variable.

You could probably make it fancier where it doesn’t authenticate every single time but only if you’ve been away longer than X seconds, but it’s good enough for me for now. You might also be able to combine this with a modified version of the Lock Screen plugin, where if Obsidian is launched with a custom URL parameter after authenticating from the shortcut, it will dismiss the Lock Screen overlay.

Synchronicity · July 10, 2023, 9:46pm

A lot of people considering Obsidian ask about this. I agree that it doesn’t have to include at-rest encryption—it would just be a way to keep someone you’ve handed your phone to from opening Obsidian (whether by accident or out of curiosity) and seeing the last note you had open.