Nextcloud iOS app: PIN for encryption key?

Hello,

I heed some guidance with setting up an account in the Nextcloud iOS app.

After the introduction, I’m asked for a PIN (in German: “PIN für den Verschlüsselungsschlüssel”) which confuses me a bit.

  • Is the PIN identical with the “ChiffrierschlĂĽssel” mentioned on the 2nd intro page, and if not:
  1. What’s the purpose of the PIN?
  2. Is it a PIN number or a PIN code with any characters?
  3. Are there any requirements regarding the its length?
  4. Does one have to remember the PIN?
  • Or is the PIN identical with the (in German) “VerschlĂĽsselungsschlĂĽssel” mentioned in the intro?
  • Is there any documentation available online for this app?

Thanks in advance for your help.

Hello,

try to answer your issues

  1. To encrypt your data on your phone. If somebody steals your phone your data is safe.
  2. you can use characters as well. Using numbers myself.
  3. NAFAIK. Use 10 digits myself.
  4. You!

Yes PIN and “Verschlüsselungsschlüssel” are identical. Sorry for the different wording.

About docs I don’t know. There was a call for docs some weeks ago. Do not know the status about it.

Cheers,
rakekniven

Thank you @rakekniven. You helped me to better understand these matters.

I now opened issue #106 on Github in order to simplify those terms. The documentation seems to be in the planning, see issue #26 on Github.

A question remains for this one:

Isn’t that the purpose of the encryption key itself and the PIN protects the encryption key from being misused? Is this what you were trying to say?

1 Like

I’m not sure how this is implemented. But normally that’s they way it’s done, in the end it doesn’t change much because the person stealing your phone also has the encryption key and only needs to guess the PIN number.

Boys, big modify to the Crypto modality for the next version … please “pause” this thread until the next version it’s completed and publicised.

Thanks

I would like to have the option, not to use and not to set any encryption key at all. In theory, I have nothing against client-side encryption but if I want to use it, it should be implemented on all clients and not only my iOS device.

Yes ! :wink: next version it’s “optional” …

1 Like