summaryrefslogtreecommitdiff
path: root/content/entry/why-disappearing-messages-are-important-for-private-messaging.md
diff options
context:
space:
mode:
Diffstat (limited to 'content/entry/why-disappearing-messages-are-important-for-private-messaging.md')
-rw-r--r--content/entry/why-disappearing-messages-are-important-for-private-messaging.md2
1 files changed, 1 insertions, 1 deletions
diff --git a/content/entry/why-disappearing-messages-are-important-for-private-messaging.md b/content/entry/why-disappearing-messages-are-important-for-private-messaging.md
index 23adfbd..32c3ced 100644
--- a/content/entry/why-disappearing-messages-are-important-for-private-messaging.md
+++ b/content/entry/why-disappearing-messages-are-important-for-private-messaging.md
@@ -12,7 +12,7 @@ One approach to mitigating this is disappearing messages, a feature which automa
The benefit of the online implementation is that all parties can be confident that no others hold records of messages older than a certain date, given that they're not purposely circumventing this security mechanism through screenshotting or something like that. Online disappearing messages can be made adjustable, so the sender and recipient can decide an appropriate time window to retain messages according to their threat model. This mitigates private information disclosure against thieves, [thugs](/glossary/), stalkers, and snooping spouses who gain physical access to the device.
-Another way to mitigate private information disclosure is requiring the user to set a password for the messaging app. People will still choose weak passwords, but for most common threat models, attackers will simply give up after seeing a password prompt anyways.
+Another way to mitigate private information disclosure is requiring the user to set a password for the messaging app. People will still choose weak passwords, but for most common threat models, attackers will simply give up after seeing a password prompt anyway.
In general, password protected apps are not a bad idea. But the problem with password protecting *messaging* apps is they must stay logged in on the user's device after the password is entered. App developers could require entering the password every time the app is opened or after some set interval, but that's too much inconvenience for most people. Since most people message on smartphones which would have the app logged in 24/7, password protection offers no real additional security.