Authentic
FR
version française
EN
english version
<

Tips FAQ Read-me

Questions and answers to better use and understand OAuthentic

Expand
tips
Collapse
tips

How to open an OAuthentic account, I do not see any subscription form

You just have to install the OAuthentic mobile app on your smartphone and to follow the instructions. If needed, look at the tutorials below depending on you own an iPhone or an Android smartphone.

First launch on iPhone
First launch on Android

How to edit a note with the mobile app

In the mobile app, when you select a note with a simple tap, the note is opened in view mode with the Markdown formatting. In this case, the text can not be changed.

There are several ways to open a note to edit it:

  • From the list of data, select the note with a long press instead of a single tap.
  • From the list again, perform a swipe action to the left of the selected data to display the available operations.
  • From a note already open in display mode, tap the edit mode button at the bottom of the screen to switch to the edit mode. You can then switch back using the display mode button.

How to login to the web app

Simply scan the login QR code with the scanner available from the button at the bottom of the main screen of the mobile application. See also the tutorial below.

Login to the web app

How to customize a password or note icon

Just type an emoji as first character of your password or note name. In that case, OAuthentic automatically replaces the default icon with the emoji.

All recent smartphones come standard with an emoji keyboard or a way to simply grab it.

On a computer this situation is much less widespread. A simple way is to use the emojipedia.org site and to copy the character you wish 👍

Please note: The emoji character at the top of a note or password name is not taken into account when sorting data.

How to refresh the document list in the mobile app

A swipe down move on the list refresh it.

How to print my notes and passwords

Just click the Print your data button available in the web app toolbar. It gathers all your data one ready-to-print document.

How to use an ISBN code as ciphering key

Just use the mobile app barcode scanner as shown in the tutorial below.

Scanning a barcode as ciphering key

Please note: If you lose the book that serves as reference for your ciphering key, make sure to buy the title in the same edition (publisher, format and year), because the same title from the same publisher may have several ISBNs depending on its format and year of publishing.

How to store my ciphering key on my smartphone

You can choose this option when creating an account or when entering your key.

Please note: By default, when your key is stored, the key entry screen is not displayed. You can change this option in the mobile app preferences.

How to change my preferences or my account data from the web application

Account and preference settings are only available in the mobile app even if they are about the web app.

How to geo-backup my ciphering key in a secret place

Please follow the tutorial below and go to your selected place to implement it.

Backup and restore your key in a secret place

Advice: After a backup, immediately try to restore the key to ensure the reliability of the chosen location.

How to display the GeOAuthentic console

In the GeOAuthentic screen, make a long press on GeOAuthentic. You will bring up a console that will display the geolocation attemps (cell x accuracy) and potential success.

How to disable an OAuthentic installation on a lost or stolen smartphone

Follow the procedure below

  • Install OAuthentic on another smartphone, whatever its model but using the same identifier (email address) in order to retrieve your configuration.
  • Open the section Account > Manage my devices and select the OAuthentic installation to reset.
Expand
faq
Collapse
faq

What a Zero Knowledge architecture is

Zero Knowledge technologies means that as a service provider, OAuthentic is technically not able to disclose the contents of your personal data to anyone, including under pressure.

The security and privacy that OAuthentic brings are the result of a combination of tangible technical choices which can be verified in day-to-day use as well as by analyzing the JavaScript web app code. This includes:

  • biometric authentication,
  • password-free sessions,
  • non-centralized encryption keys,
  • data encrypted at the source,
  • cookie-free web app,
  • encryption with the W3C WebCrypto standard API.

Are all my data encrypted

Whatever your data type (password or note), the data content is encrypted at the source. On the other side the data name is just encoded (ex. my password X or my note Y) to allow its display in a list and related operations (e.g. sorting) without requiring a key.

It is therefore advisable not to put confidential information in the name of the data but in their content.

Geo-backup data are also encrypted at the source and then not available to any third party unaware of the geo-backup location.

Why may a GeOAuthentic backup fail

First of all, it is important to understand that geo-backups and geo-restorations only succeed when, for a given operation, 3 geo-localizations are made with an accuracy of less than 25m.For each operation, up to 5 attempts are made. Thus, the reasons of geo-backup failures are the following:

  • The operation is carried out inside a building or in a place insufficiently cleared.
  • The user is moving during or just before the operation.

In case of doubt, please see the tip How to display the GeOAuthentic console.

Can I use OAuthentic with a biometric-less smartphone

Yes you can, but in that case we suggest:

  • to enable access control on your device,
  • to not store your ciphering key in the mobile app.

Please note: The security of your data is first of all the security of your devices which impacts all your applications.

Why OAuthentic does not offer automatic filling of web forms

It is a deliberate choice resulting from the following observations:

  • An automatic form filling service is becoming less relevant:
    • Web sites where confidentiality is really critical (e.g. banks) are becoming less likely to allow this kind of facility.
    • For less critical sites, major browsers offer acceptable password management features.
  • This type of service requires the installation of browser extensions which for various reasons may constitute security and privacy breaches.

Why should I sometimes reconfigure OAuthentic on my smartphone

This is a security measure designed to regularly check the user's email address and encryption key. Your account settings, your preferences and of course your geo-backup are preserved.

Will the OAuthentic service remain free of charge

Yes. The service is free and will remain with a wider and wider feature scope.

It is said that when a service is free, the product is the user. Is that the case

No. This would be in total contradiction with the OAuthentic objective: To be your privacy shield.

Free service is motivated by the following reasons:

  • The will to offer privacy protection in a world where many public and private actors seek to take advantage of your personal data to your disavantage.
  • The prospect of future really Premium features that will require a critical volume to be adopted.

Read-me

The following text is the latest version of the READ-ME note automatically inserted on account creation.

Home Offer Web App Tips News Blog A propos
Simpler Features Android App FAQ Contact
Safer Glossary iPhone App Read-me Software stack
More innovative Terms and conditions
Security report
SHARE
Share on Facebook Share on LinkedIn Share onTwitter Share by email