Some security & encryption programs enable the use of a Keyfile in addition to a PW.
How about adding a product extension for this to LastPass Authenticator to enable a Bluetooth filesharing feature on Android? This could not only provide another/redundant factor (something you have), but it could also include biometric (something you are) to authorise on-phone, AND it could include a new factor of Whare You Are since BT has limited range.
I imagine it could work something like this:
A further feature could be to periodically poll the phone via BT to confirm it is still nearby & connected. (BLE could do this with low power usage). If the BT connection is lost, then it kills the target app & removes the file. Perhaps after a user-configured delay?
Of course, a similar thing could be done with NFC, but a) NFC is far less common than BT on devices, and b) the proximity for NFC means your phone would need to remain nearly in contact with the device.
BT can also provide signal power readings to give an idea of proximity of the phone to the target device. This might require the phone to be VERY close to the target, or just in the same room. Or, it could be relative to the power measured when first authorised. I.e. if I leave my desk for a coffee, the encryption is gone.
Besides offering users additional factors for authentication this extension can also work Offline. Meaning, if you have a target device and/or phone without internet/network access, this can still provide MFA. As a backup, the extension might enable USB connection to the phone to access LPA/the keyfile if BT isn't available.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.