• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

This forum thread needs a solution.
Kudos0

ios update to IOS Norton Password Manager now will not let you opt out of touch id

The new update to Norton Password Manager in IOS in effect allows a fingerprint access to the vault even if pin is not set.  This is a large problem.  Vault, by its very nature, needs to be more secure than the phone itself.  The same print that unlocks the phone will now unlock the vault.  This is a horrible idea.  I understand if some folks want this for easy access, but in the past  you could always specifically opt in to touch id for the vault if you wanted it.  Now, you can't avoid giving access to the vault by touch id.  The app needs to go back to the way it was.

Replies

Kudos0

Re: ios update to IOS Norton Password Manager now will not let you opt out of touch id

I'm only guessing that Norton is assuming that who ever has a fingerprint registered to open the device, would be the owner of that device. As such, it would only be the owner of the device that can open the vault with a fingerprint. I personally do not see how this would be a security problem. 

From what I can remember, the fingerprint open was always presented if your device supported that feature.

Things happen. Export/Backup your Norton Password Manager data.
Kudos0

Re: ios update to IOS Norton Password Manager now will not let you opt out of touch id

Previously, you could opt in to Touch ID for the vault.  Now, you cannot disable it.  This is indeed a significant problem.  One example only is that an overzealous law enforcement officer might coerce vault access via fingerprint.  They would then have access to all vault content.  If a password were used, at a minimum a court order would be required to obtain vault access.

The very word "vault" implies an area of higher security.  Just because someone has a key to my house does not mean that they have the key to my safe.  I would posit that virtually no one would have a safe key that is the same as their house key.  Norton has just in effect done that very thing. 

Kudos0

Re: ios update to IOS Norton Password Manager now will not let you opt out of touch id

This might be a good suggestion for the Product Suggestions board https://community.norton.com/forums/product-suggestions

Things happen. Export/Backup your Norton Password Manager data.