Add an FAQ document

2024-07-08 19:45:46 +00:00 · 2022-01-26 13:35:30 +01:00 · 2022-01-26 13:35:30 +01:00 · a04020aed0
commit a04020aed0
parent 72c165749f
3 changed files with 106 additions and 0 deletions
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -4,6 +4,9 @@ Looking to contribute to Aegis? That's great! There are a couple of ways to help
 out. This document contains some general guidelines for each type of
 contribution.

+Please review [the FAQ](FAQ.md) before reporting a bug, asking a question or
+requesting a feature.
+
 ## Translations

 We use [Crowdin](https://crowdin.com/project/aegis-authenticator) to crowdsource
--- a/FAQ.md
+++ b/FAQ.md
@ -0,0 +1,101 @@
+# FAQ
+
+## General
+
+### How can I contribute?
+
+There are lots of ways! Please refer to our [contributing
+guide](https://github.com/beemdevelopment/Aegis/blob/master/CONTRIBUTING.md).
+
+### Why is the latest version not on F-Droid yet?
+
+We don't release new versions of Aegis on F-Droid ourselves. Once we've released
+a new version on GitHub, F-Droid will usually kick off their automatic build
+process a day later and publish the app to their repository a couple of days
+afterwards. It can sometimes take up to a week for a new version to appear on
+F-Droid.
+
+### Can you port Aegis to iOS/Windows/MacOS/Browser Extension?
+
+We don't have plans to port Aegis to other platforms.
+
+### Can you add support for Autofill?
+
+On Android, only one app can be active in the Autofill slot at a time, and since
+this is typically occupied by the password manager, we don't see much value in
+adding support for this feature in Aegis.
+
+### What is the difference between exporting and backing up?
+
+Exporting is done manually and backups are done automatically. The format of the
+vault file is exactly the same for both.
+
+## Security
+
+### I can no longer use biometrics to unlock the app. What should I do?
+
+If you could previously unlock Aegis with biometrics, but suddenly can't do so
+anymore, this is probably caused by a change made to the security settings of
+your device. The app will tell you when this happened in most cases. To resolve
+this, unlock the app with your password, disable biometric unlock in the
+settings of Aegis and re-enable it.
+
+### Why does Aegis keep prompting me for my password, even though I have enabled biometric authentication?
+
+You're probably encountering the password reminder. Try entering your password
+to unlock the vault once. After that, Aegis will prompt for biometrics by
+default again until it's time for another password reminder.
+
+Since forgetting your password will result in loss of access to the contents of
+the vault, __we do NOT recommend disabling the password reminder__.
+
+### Aegis uses SHA1 for most/all of my tokens. Isn't that insecure?
+
+The hash algorithm is imposed by the service you're setting up 2FA for (e.g.
+Google, Facebook, GitHub, etc). There is nothing we can do about that. If we
+were to change this on Aegis' end, the tokens would stop working. Furthermore,
+when using SHA1 in an HMAC calculation, the currently known issues in SHA1 are
+not of concern.
+
+### Why doesn't Aegis support biometric unlock for my device, even though it works with other apps?
+
+The reason for this is pretty technical. In short, since you're not entering
+your password when using biometric unlock, Aegis needs some other way to decrypt
+the vault. For this purpose, we generate and use a key in the Android Keystore,
+telling it to only allow us to use that key if the user authenticates using
+their biometrics first. Some devices have buggy implementations of this feature,
+resulting in the error displayed to you by Aegis in an error dialog.
+
+If biometrics works with other apps, but not with Aegis, that means those other
+apps probably perform a weaker form of biometric authentication.
+
+## Backups
+
+### How can I back up my Aegis vault to the cloud automatically?
+
+Aegis can only automatically back up to the cloud of the app of your cloud
+provider is installed on your device and fully participates in the Android
+Storage Access Framework. Aegis doesn't have access to the internet and we don't
+have plans to change this, so adding support for specific cloud providers in the
+app is not possible.
+
+Cloud providers currently known to be supported:
+- Nextcloud
+
+Another common setup is to configure Aegis to back up to a folder on local
+storage of your device and then have a separate app (like
+[Syncthing](https://syncthing.net/)) sync that folder anywhere you want.
+
+## Importing
+
+### When importing from Authenticator Plus, an error is shown claiming that Accounts.txt is missing
+
+Make sure you supply an Authenticator Plus export file obtained through
+__Settings -> Backup & Restore -> Export as Text and HTML__. The ``.db`` format
+is not supported.
+
+If it still doesn't work, please report the issue to us. As a temporary
+workaround, you can try extracting the ZIP archive on a computer, recreating it
+without a password and then importing that into Aegis. Another option is
+extracting the ZIP archive on a computer and importing the resulting
+Accounts.txt file into Aegis with the "Plain text" import option.
--- a/README.md
+++ b/README.md
@ -9,6 +9,8 @@ including some features missing in existing authenticator apps, like proper
 encryption and backups. Aegis supports HOTP and TOTP, making it compatible with
 thousands of services.

+For a list of frequently asked questions, please check out [the FAQ](FAQ.md).
+
 The security design of the app and the vault format is described in detail in
 [this document](docs/vault.md).