New Secret Code Management
Context
To ensure consistency across applications, the management of the secret code generated at first login needs to be revised.
Technical Solutions
- Implementation of the `capacitor-biometric-auth` plugin for mobile mode
- Implementation of a 4-digit PIN code for mobile mode
- Implementation of password authentication for desktop mode
Detailed Process
First Login
Mobile Mode with Biometrics
- Enter a code
- Propose biometric authentication usage
- Save the entered code
Mobile Mode without Biometrics
- Enter a 4-digit PIN code
Desktop Mode
- Enter a password
Subsequent Logins
Mobile Mode with Biometrics
- Use biometric authentication
- In case of repeated failures:
  - Reset stored code
  - Request PIN code
Mobile Mode without Biometrics
- Enter PIN code
Desktop Mode
- Enter password
Changes Summary
Mode | First Login | Subsequent Logins |
---|---|---|
Mobile (with biometrics) | Code + Biometric option | Biometrics (with PIN fallback) |
Mobile (without biometrics) | 4-digit PIN code | 4-digit PIN code |
Desktop | Password | Password |
Implementation Notes
Mobile Implementation
- Biometric Authentication:
  - Uses the `capacitor-biometric-auth` plugin
  - Requires fallback mechanism to PIN
  - Maximum attempt limit
- PIN Code Requirements:
  - Must be exactly 4 digits
  - Needs secure storage implementation
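
One way to meet the PIN requirements above (exactly 4 digits, secure storage, maximum attempt limit), as an added example that is not the project's own code. Assumptions: Node's `crypto` stands in for the app's crypto layer, the `store` object stands in for the platform's secure storage, and `MAX_ATTEMPTS = 3` and the wipe-on-limit policy are illustrative choices the page does not specify.

```javascript
// Added example, not project code. `store` is a stand-in for platform
// secure storage; in the app the record (including `failures`) must persist.
const { scryptSync, randomBytes, timingSafeEqual } = require('node:crypto');

const MAX_ATTEMPTS = 3; // assumed value; the page only says a limit exists

function isValidPin(pin) {
  // Exactly 4 ASCII digits: rejects "123", "12345", "12a4", " 1234".
  return typeof pin === 'string' && /^[0-9]{4}$/.test(pin);
}

function derive(pin, salt) {
  // Memory-hard KDF so the stored value is a verifier, not the PIN.
  return scryptSync(pin, salt, 32);
}

function enrollPin(store, pin) {
  if (!isValidPin(pin)) throw new Error('PIN must be exactly 4 digits');
  const salt = randomBytes(16);
  store.record = { salt, verifier: derive(pin, salt), failures: 0 };
}

// Returns 'ok', 'retry', 'reset' or 'not-enrolled'.
function verifyPin(store, pin) {
  const rec = store.record;
  if (!rec) return 'not-enrolled';
  // Malformed input counts as a failed attempt.
  const ok = isValidPin(pin) &&
    timingSafeEqual(derive(pin, rec.salt), rec.verifier);
  if (ok) {
    rec.failures = 0;
    return 'ok';
  }
  rec.failures += 1;
  if (rec.failures >= MAX_ATTEMPTS) {
    // Assumed policy: wipe the verifier and force re-enrolment.
    delete store.record;
    return 'reset';
  }
  return 'retry';
}
```

A 4-digit PIN has only 10,000 possible values, so the hash alone does not stop an offline guess against a copied record; the attempt limit and OS-protected storage carry the protection.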
Desktop Implementation
- Password Requirements:
  - Standard password security rules
Edited by Dorian Marco