Feature name
more ‘secure’ secure notes
Feature function
currently ‘secure notes’ are visible just by clicking on them in the vault, even if ‘require master password’ is checked. This seems like a major vulnerability for if you have say your cryypto wallet passphrases in there for example and anyone can see it if your vault is unlocked without even needing to re-authenticate. Please modify this so the specific notes marked as requiring reauth are not visible at all until the user puts the master pass back in to display them.
Also your warning on notes was a little concerning as well, maybe on notes that have that flag set, dont even decrypt them until the user reauths and then clear it from memory after so there arent alternative ways to easily spy on them.
thanks for your consideration!
dave