Today, it is possible to have the vault lock after a specified timeout, after which point you need to unlock it either with biometrics or with the master password (or with a PIN). Using the master password is the most secure but cumbersome; biometrics (or a PIN) can speed this up, though at lower security. I am proposing to offer a combination of the two:
- Lock and require biometrics (or PIN) after a first timeout, say 5m. You’d use that most of the time.
- Require the master password when some more time has passed, say 2h. You’d only have to do that occasionally.
The use cases are similar to those of item-specific re-prompt (e.g., forget to unlock, lose device, etc.) but protect the whole vault. Also, in theory, one could unlock my phone and then my vault using biometrics while I am sleeping.
This request bears some similarity to (or completely solves) the following requests:
- Autologout after two weeks
- Nested vaults to implement multiple security levels (not allowed to add link)