Well, I would suggest to make this behaviour optional. I guess most users do not want to enter the password each time they open the app.

Will it be enough to allow an user to specify a "master password"? Then, user have to enter the master password on each app start if master password is specified. The app will only open/display stats if master password is correct.

testeur, your proposal sounds good. How do other mobile app (handling sensitive data) handle this problem?

Hi matt

don't know much apps which handle this problem. Just some banking apps where you have to enter a pin on each start. Most phones are usually used by only one person.

What if i lose my phone or somebody steal it. This should really be optional. Otherwise i can't use this app. At the moment i just use the Android Browser Login.

A workaround is to change password of your Piwik account or delete your Piwik account on the server and create a new one if you lose your phone. This should create a new tokenAuth. We currently only store the tokenAuth, no password. But the tokenAuth is as secret as your login and password.

At the moment you can not change any Server settings via Piwik Mobile. Therefore, you could also create a new Piwik Account with only View Access which you only use in Piwik Mobile. If you lose your phone, someone has only the possibility to view your statistics.

A further workaround is to setup a "passcode" (additional to SIM Lock).

Under iOS open Settings -> General -> Passcode Lock

Under Android open Settings -> Security & Location -> Change Screen Lock and / or Password settings

This has the advantage that it works for all your installed apps.

Attachment:
loginscreen2.png

Attachment:
loginscreen1.png

just added 2 possible layouts...

is there a difference between both screenshots?

Just the "Welcome" Title Bar

I think I like the Welcome! title better :)

Security now has its own sub-category since they're "special" items :)