- Unlock mobile app vault with biometrics and PIN together
- The mobile app vault can currently be unlocked with biometrics or a PIN. This feature would add an option in the settings to require both biometrics and a PIN to unlock the vault, instead of only one or the other.
- This feature would bring greater security to the mobile app with only a slight increase in inconvenience. This would theoretically improve security in situations such as: phone being stolen, crossing an international border, attacker shoulder-surfing in public. The combination helps reduce the mutually exclusive weaknesses of biometrics and PINs.
- This option could be accessed in Settings>Security after the “Unlock with [biometrics]” and “Unlock with PIN Code” options, with the vault timeout options working in the same way.
- A similar request was made here Allow to set a PIN in addition to biometrics for chosen items. But this new request may be easier to implement as both features are already implemented.
- GrapheneOS added a similar feature at the phone level add support for requiring an extra factor (PIN, passphrase or pattern) with fingerprint unlock · Issue #28 · GrapheneOS/os-issue-tracker · GitHub and it seems Windows can also do this. I can’t find examples of iOS or stock Android allowing this however, which leaves Bitwarden and its passwords potentially more vulnerable on these platforms.
Thank you for your time and for the great product that is Bitwarden.