Anyone know what the lockscreen on the librem 5 is slated to be? I am wondering if I will have to type a full password each time? Or will we be able to set a pattern unlock? obviously you wouldn’t want a pattern unlock for sudo access but for desktop access I think it would be good enough.
I guess in the first iteration it will just be a numeric code. But I guess you’re not the only one wishing for more options, so it shouldn’t take too long
The lock screen will take your fingerprint and then send it to a Purism server which checks your IP and if you are trying to log in from a previously confirmed IP then you will be allowed access otherwise you will get a form from which you can send your passport or drivers license to purism to confirm your currently used IP address. Logging in while being connected to a proxy is not allowed.
Purism helps ensure that your data is safe.
Edit: I am just joking BTW! I want to vent my frustration because I got permanently locked out of Hotmail for trying to access my e-mail from another country! I hate IP based security measures my login credentials should be enough!
I was a fan of BlackBerry10’s Picture Password lock screen.
Right now from what I have seen it’s going to be like the standard Gnome unlock screen. Which would mean you need to put in your admin password everytime you login which is less than ideal on a phone. I would prefer some sort of pattern unlock or pin unlock for the desktop and a sesperate password for admin/sudo rights.
Actually this is very convenient because I thought of something that I thought was STUPID about my Android. So perhaps it can be addressed on the Librem 5.
If I recall (it was a long time ago) the phone arrived in a mode that if you shut the screen off by pressing the side button, it would go into lock screen. That could be disabled, in favor of having it time out on inactivity…but then there was no way to FORCE it to lock early. (And I tried in vain to find an app or widget to do that; problem is searching for lockscreen brings up a LOT of other things like being able to control X, Y or Z from the lockscreen–useless.) A widget that, when pressed, locks the phone would, I think, be a good idea.
“what will the lock screen be ?” it can be whatever you want - it’s your phone - the limit is you (you are not in any way forced to use this or that - if you know HOW you can change it)
The lock screen is pretty integral to the OS. Sure I could set the screen to never lock and then write my own lock screen app to do what I am talking about but it will probably be a very imperfect solution compared to something baked into the OS.
Not really. The lock screen is just a program that runs on the OS. Each different graphical shell tends to supply its own lock screen and it tends to be fairly easy to change it. However, I expect the few alternative options currently available are all fairly conventional in terms of authentication methods, though there is support for theming, to customise the appearance.
Having said that, writing a new lock screen from scratch is not a project I’d take lightly. I’m sure there have been loads of lessons learned over the years, which it would be unwise to ignore. No doubt my first attempt would be easily circumvented by some trivial keypresses!
Please, It will be possible to have it?
Have what? The “BlackBerry10’s Picture Password”?
See also Voice password to unlock phone/apps
You can use the existing code as a model, and just change the number pad for something else. I bet someone from the community will do it pretty quickly once Evergreen is released if Purism doesn’t provide an option to select the type of lock screen.
I don’t get it. Obviously if someone records your screen while typing password that could compromise it. BB10’s picture password was at least a little dynamic. Random number positioning, and I think sensitivity(?). Plus you could change the number/picture daily if you so desired.
Granted with encryption you got about 5 tries before having to enter a regular password else it security wipes the phone. It was just for convenience. Better than a short pin though, or playing with swiping dots.
Yes Kieran, is it possible to have Picture password as unlock screen?
Yes, all that is acknowledged. The question was not so much: Is picture password more secure than a straight PIN (in the face of ubiquitous surveillance)? Yes, picture password should be more secure.
But rather: How much more secure is it?
However note @reC’s claim that he or she unlocks the phone in the pocket. In that case, a straight PIN is probably more secure than a picture password.
Yes. That is noted as an option. I think that just changing the number and/or picture daily would be quite painful … but you could.
Nothing has really changed since the previous discussion.
- Most people don’t have a phone yet to implement with.
- I don’t know what would be involved in the actual unlock side of things. Would probably need to start with an existing unlock program and edit from there. The UI side of things could be prototyped now on any computer.
- I don’t know whether anyone with the requisite skills is interested in implementing this. I suppose that by keeping this topic active, you maximize the chances. For a phone with a strong focus on privacy and security, this is certainly the kind of thing that users should be interested in.
You wanna know the best lockscreen implementation? A PIN code but the numberpad changes layout after each login so the buttons will be randomized so people can’t figure out your lockscreen combination after time.
The beauty of Linux is that everyone can have the “best” lockscreen, no matter what they think that is.
For the actual scenario being described (surveillance cameras everywhere) randomizing the number pad doesn’t help - under the assumption that the number pad is displayed on the screen for the user - and the camera - to see.
Randomizing the number pad does help for the scenario where someone, or a camera, can see your fingers but not your screen.
Note also @reC’s claim that he or she unlocks the phone in the pocket. In that case, that requires a fixed number pad - and in the face of ubiquitous surveillance that is more secure than a randomized number pad.
Here’s a fun idea for bolstering a randomized number pad for use in public places … you use the phone with a wired headset and the phone randomizes the digits 0 to 9 and reads them to you as it moves a “cursor” across the number pad, which does not display any digits. If you are really good, you can enter your PIN as soon as it reaches the last position in the number pad (if you happen to need that digit, or earlier if not). If you are not that good then just wait, as it will cycle back through the number pad.
Neither this idea nor what you proposed is ideal, in the sense that surveillance can detect duplicates (or the absence of duplicates) in the PIN - which reduces the available number of PINs. That can be solved at the expense of some usability by randomizing the number pad after each digit.
What ever lock-screen will be: it should never be sudo-password. You often use the pin to unlock your phone in public. There are cameras (with higher and higher resolution), there are many people (for example in buses) and so on. Also friends and family can see it easily and may also have access to phone when you are on toilet. It’s not that people who read here don’t trust there family and friends, but maybe some other people have such problems (and they may even don’t know).
So in any possible situation it would be better to have a default 2 pin system: lock-screen-pin and sudo-password. So if someone get access with lock-screen-pin, they don’t have admin rights.
And as something I would prefer (and is only possible in the way i described above): Sudo-password could unlock smartphone alternatively (fall-back methode).
Everything else (how to create the lock-screen in detail) is secondary important.
Ironically (yes, I know the counter-arguments ), this would be one thing in favor of using some kind of biometric authentication.