Heh… fortunately I’m *very* early in the design of this, so yeah… nothing is set in stone yet. :-) On Sep 5, 2014, at 11:20 AM, SevenBits <sevenbitst...@gmail.com> wrote:
> On Friday, September 5, 2014, Quincey Morris < > quinceymor...@rivergatesoftware.com> wrote: > >> On Sep 5, 2014, at 10:15 , Britt Durbrow < >> bdurb...@rattlesnakehillsoftworks.com <javascript:;>> wrote: >> >>> If I can’t find an officially supported way to do this, then yeah - >> that’s what I figure I’ll have to do. I was trying to avoid it due to user >> experience issues; requiring a second login, etc is cumbersome every time >> somebody wants to record something in the app… <sigh> Oh well... >> >> It was never a workable idea, though. It’d be just as bad for a user to >> set a password of ‘123456’ as having no password, for example, and there’d >> never be an API that *told* you what the password was so you could check if >> it was good enough. Similarly, you’d never have a way of checking that the >> current screensaver actually *obscured* the screen contents. > > > That's very true - my current screensaver for example applies visual > effects to my screen - it distorts, but does not obscure, my screen > contents. Under HIPAA your idea was never workable due to practical > limitations. > Perhaps… most of the time there’s no data displayed onscreen; but there is an NSStatusItem that I need to keep “unauthorized” persons from interacting with… Also, there are distributed notifications that I can trap to lock any data display windows that do happen to be up when the screen locks. IANAL, but my understanding was that the quality of a user’s password was not a HIPAA requirement, just that there needed to be some method of user authentication (not that accepting ‘123456’, ‘monkey’, etc. is a good idea; just that it’s not **legally** required). > >> >> Given the rumors floating around about next week’s grand revelation event, >> you might also want to hold off making any decisions until you see what >> Apple will have to offer. With Health Kit, Home Kit, wearables and payments >> being bruited, there might turn out to be something secure that would ease >> the second-login problem. > > > Second. > I doubt that there will be any new APIs announced at that event… but even so, um, yeah… :-) I wonder if we’ll ever get TouchID on the desktop? _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com