Turn off biometrics for encrypted note

While having biometrics to lock/unlock the app is good and practical, encrypted notes INSIDE Bear are a different story!
…being forced to have biometrics on encrypted notes destroys any sense in having notes encrypted:

  • someone who steals your device knowing your Mac app or iPhone app can change biometrics and access everything
  • Having an iPad shared or simply unlocked exposes it to access
  • many other examples are possible… you get the point!

The point is that for encrypted notes the biometrics should be protected by the encryption code inside the app, not freely in settings without encryption code confirmation! Until changing biometrics at least asks for the iCloud password or a different password from the device's, this is not a secure way to protect our stuff. Also, Apple does not send a notification or mail about a new biometrics registration or offer a way to block that, and apps do not ask for the code again after a new biometrics registration!
Even Apple Notes has this little trick: asking for a password (that could be different from the device's) to activate biometrics for unlock!

This is one of my biggest gripes with Bear. I want to use it as a journal as well, and keep some of my more private stuff, and then I have a shared iPad; these notes I don’t want accessible through biometrics, I want a custom password!

This option is even available in Apple Notes as well!

2 Likes

I understand the other reasoning, but I have to tell you the above is not true. You can’t change the biometrics on macOS/iOS without knowing the master password.

1 Like

That’s the point: it is easy to add a new biometric; simply coworking with someone who sees you type the Mac code and registers a new temporary biometric allows access to anything!
The use for encrypted should be very well stored in the app!
Take for example this one guy who was arrested for stealing iPhones from strangers after seeing them type their code; before that he was able to access anything on the device by changing biometrics, like personal journals, crypto addresses and other personal stuff. The same problem could happen when you let someone around you just use your iPad, and it’s easy to let them use the code… that’s why there is a need for a different password on personal stuff!
Or if for any reason you have to give up your code with your device, at least you can protect your info until you go to another device and change the password!

And if you read well, I said knowing the device password!

I can agree that if you share your passcode (iOS) or password (macOS) with somebody, Bear, Apple Notes, and any Homebanking app using biometrics is not for you. You are free to prefer a more unhandy way to handle secure access to data, but I’m unsure we don’t want to support this at the moment.

1 Like

Wrong:

  • Apple Notes has this feature built in: you can set a different password from the device's and turn off biometrics in the app, and to turn on biometrics you need to type the code
  • all my banking apps have this option inside the app with a different code
  • Notesnook has this option in the app for the internal vault (you can also set this for access too, with a different password)
  • DEVONthink To Go has this option in the app
  • Cryptomator has this functionality in the app after code confirmation

And I could continue indefinitely, so I would love to see this in Bear too

1 Like

As the previous poster mentioned, Apple Notes supports setting a custom password that isn’t about the login password or Face ID.

2 Likes

Bear needs this! …and of course encryption for attachments!

1 Like

So there’s no plan at all for that, or is it something we can expect later??

I love what Bear has done with encryption. I just ran a test case on one of my notes where I set a pass code on it, then exited out of the app. Then I went back into the app, and my note is locked. It asks me for the passcode that I set, or it will unlock with my face ID. If someone steals my phone, they still cannot access my data without the pass code.

  • If someone sees your iPhone passcode and steals your iPhone, they can change biometrics and access your notes without knowing the encryption password,
  • If someone forces you to give them the device password, they can access your encrypted notes with biometrics,
  • If something happens around you and police have to take your device, knowing your device code they can access anything, while you cannot be forced to give the Bear password, or you can say that you don’t remember it and/or give them a fake password!
  • If you share a Mac or have to share an account for work or even family reasons, giving your DEVICE password allows anyone who knows it to register a biometric and unlock your notes, especially on a device like a Mac that you cannot bring with you all the time! (Practical example: just imagine a girlfriend who accesses your Mac while you are not at home, reading all your journal)
  • I could continue… if you don’t get the point, I’m sorry

To me this is like it was left on purpose as an easy backdoor!

Like in Apple Notes, which has this functionality BUT it is not possible with audio, video, imported PDFs and other files (only with images)… could that be the same reason why Bear is taking so long to add this attachment encryption?

Does encryption require some prior review, control and authorization for an easy and so popular user-friendly app like Bear?

So go into the settings on your phone and remove the option to unlock any notes with Face ID, and use the pass code only option. Then set the pass code with a completely different number that is not the same as the one you use to unlock your phone. Problem solved.

1 Like

Well, it seems you really don’t get the point! Anyone with your device can turn biometrics on and off without being asked for the encryption code.

If instead you use Apple Notes, to turn on biometric unlock for encrypted notes in the app you need to confirm the choice with the encryption code (that could be different from the device code)

In case you haven’t understood, this discussion was about that: confirming turning biometrics on with the encryption code! Please read before answering something off topic!
We are not talking about emoji here, we are talking about privacy and security!

I have Stolen Device Protection turned on for this reason. It requires an hour delay when trying to reset your device’s password. In the event that your iPhone is stolen, the security delay is designed to prevent a thief from performing critical operations so that you can mark your device as lost and make sure your Apple account is secure. That gives me an hour to lock my phone down and require a new password for the phone. It also requires biometric verification after the hour delay before the password can be reset. So even if someone has your device and knows your password, they can’t change or disable your biometrics or password.

1 Like

Well, one hour is not that secure, and IS NOT AVAILABLE FOR MAC; however, it looks like you answered without trying it yourself!
Try to cover Face ID, and then the code required to unlock the encrypted note is not the encryption code, it is the device code that unlocks the encrypted note!
I know very well what I’m talking about!
As mentioned before, this was left on purpose!

I think I understand what @93.tino.vale is saying. You can turn off biometrics and set a pass code to encrypt a note, but that pass code is not required to turn biometrics back on. Therefore the pass code can be bypassed making it essentially worthless for its presumed intended purpose (to encrypt the note with a code separate from the device pass code / biometrics). I have a shared device with fingerprints for a couple of people. I had assumed the encryption code I set for an encrypted note would keep it safe, but that does not seem to be the case.

If this is what @93.tino.vale is getting at, I agree and I think the ask of the Bear team would be to not allow biometrics on a note without first requiring the set pass code, or not allowing biometrics at all for notes with a set pass code.

You get the point!
It is so easy: they can leave everything as it is, they just need to add in the settings a confirmation with the encryption code to activate biometrics!
So anyone can choose their level of protection, not useless encryption!

If you look at Apple Notes, in Settings on your iPhone or Settings on Mac, to turn on biometrics it is necessary to enter the code, and of course you can choose a different password from the device password!

Even in OneNote this is possible! (Not to mention different passwords for every stack of journals)

1 Like
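
The behaviour requested in this thread, modelled as an added example that is not part of any post and is not Bear's code: biometric unlock can only be switched on with the note passcode, and it is dropped when the device's enrolled biometric set changes. The class name, the `enrollment_id` value and the sample codes are assumptions constructed for illustration.

```python
import hashlib, hmac, os

class EncryptedNoteLock:
    """Toy policy model of a per-note lock (hypothetical, not Bear's design)."""

    def __init__(self, note_passcode: str):
        self._salt = os.urandom(16)
        self._verifier = self._kdf(note_passcode)
        self._approved_enrollment = None  # biometric set approved via passcode

    def _kdf(self, passcode: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", passcode.encode(), self._salt, 100_000)

    def unlock_with_passcode(self, passcode: str) -> bool:
        return hmac.compare_digest(self._kdf(passcode), self._verifier)

    def enable_biometrics(self, passcode: str, enrollment_id: str) -> bool:
        # The note passcode, not the device code, gates this setting.
        if not self.unlock_with_passcode(passcode):
            return False
        self._approved_enrollment = enrollment_id
        return True

    def unlock_with_biometrics(self, os_match: bool, enrollment_id: str) -> bool:
        if self._approved_enrollment is None or not os_match:
            return False
        if not hmac.compare_digest(enrollment_id, self._approved_enrollment):
            # Face/fingerprint set changed since approval: disable biometric
            # unlock until the note passcode is entered again.
            self._approved_enrollment = None
            return False
        return True

def shared_device_scenario() -> dict:
    """Constructed scenario: a second person knows only the device code."""
    note_code = "note-passcode-constructed"
    lock = EncryptedNoteLock(note_code)
    r = {}
    r["enable_with_device_code"] = lock.enable_biometrics("device-code-1234", "set-A")
    r["bio_before_enable"] = lock.unlock_with_biometrics(True, "set-A")
    r["enable_with_note_passcode"] = lock.enable_biometrics(note_code, "set-A")
    r["owner_bio"] = lock.unlock_with_biometrics(True, "set-A")
    # Device code used to register a new biometric: the OS reports a new set.
    r["bio_after_new_enrollment"] = lock.unlock_with_biometrics(True, "set-B")
    r["owner_bio_until_reapproved"] = lock.unlock_with_biometrics(True, "set-A")
    r["passcode_still_works"] = lock.unlock_with_passcode(note_code)
    return r

if __name__ == "__main__":
    for name, value in shared_device_scenario().items():
        print(f"{name}: {value}")
```

On Apple platforms the enrollment binding modelled here corresponds to protecting the stored key with the Keychain access-control flag `biometryCurrentSet`.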