Feature Request: Password Protection for Nextcloud Client Settings

I have no support question and have seen the support category. (Be aware that direct support questions will be deleted.)

on

Which general topic do you have

Hi,

I’d like to propose a feature to enhance the security of Nextcloud client settings.

Would it be possible to introduce an option to set a password during the client installation or configuration? This password would prevent unauthorized changes to the settings unless the password is provided.

Here’s my use case:
I have my Nextcloud account set up on multiple computers. My personal computer has access to both Private and Work folders, while my work computer only syncs the Work folders (which are non-confidential).

Currently, there’s nothing preventing someone from reconfiguring the client on the work computer to sync all folders, including Private ones. While using separate accounts is an alternative, this setup is much more convenient for me. :blush:

I believe this feature could also benefit others managing mixed-use or shared devices while ensuring better control over data access.

Thank you for considering this!

You can sync different account at the same time. Problem is, with 2FA, the client creates on the first connection a specific app password (random alphanumeric characters), and this way you would force people to note this password. And if people don’t have this password, you need to provide ways to restore it easily. And if you don’t have 2FA, what happens when you change the password, …
Also the client needs to be able to read the config file, if it is encrypted with the password, you need to enter it all the time (if it is saved, someone might be able to extract it).
Just saying that you add a lot of complexity to solve a problem that you could easily solve by using different accounts.

To restrict access, you can as well use file access control to limit access to certain areas: File access control - Apps - App Store - Nextcloud

Restricting access to client settings within that app directly would be a suggestion for the desktop client team. No doubt it has been filed and discussed before, but you’ll have to find it among the many open issues on their github.

Hmm, here is one mention I found searching the repo in locking down access to the e2e client settings

This topic was automatically closed after 14 days. New replies are no longer allowed.