Authentication

Kisuke uses password authentication to connect to your spaces. This guide covers how to set up and manage your authentication.

Password authentication

Connect to your spaces using your account password.

How it works:

Enter your server credentials
Kisuke stores password securely in iOS Keychain
Automatic authentication on reconnection
Protected by Face ID/Touch ID

Setup process:

Add a new space
Enter your username
Choose Password authentication
Enter your account password
Connect securely

Security features

On-device protection

Your passwords are protected with:

iOS Keychain - Apple’s secure credential storage
Secure Enclave - Hardware-level encryption
Biometric lock - Face ID or Touch ID required
App isolation - Other apps can’t access your passwords
Auto-clear - Passwords removed if app is deleted

Best practices

Keep your connections secure:

Use strong, unique passwords (15+ characters)
Enable Face ID/Touch ID in Kisuke
Don’t share passwords between servers
Change passwords regularly
Use different passwords for different servers

Setting up authentication

First connection

When adding a new space:

Tap + to add space
Enter connection details
Select Password for authentication
Enter your password
Enable Save Password (recommended)
Tap Connect

Saved passwords

Kisuke can remember your passwords:

Stored securely in iOS Keychain
Unlocked with Face ID/Touch ID
Never sent to third parties
Encrypted on device
Synced via iCloud Keychain (optional)

Manual entry

For extra security, enter password each time:

Don’t enable Save Password
Enter password when connecting
Password not stored after session
Maximum security, less convenience

Managing passwords

Update password

When your server password changes:

Open space settings
Tap Update Password
Enter new password
Save changes
Test connection

Remove saved password

To delete a stored password:

Swipe left on space
Tap Edit
Tap Clear Password
Confirm removal

Password requirements

Check with your server administrator for:

Minimum password length
Required character types
Password expiration policy
Account lockout settings

Troubleshooting

Authentication failed

Wrong password:

Verify password is correct
Check for typos or autocorrect
Try typing in Notes app first
Ensure caps lock isn’t on

Account locked:

Too many failed attempts
Contact server administrator
Wait for lockout period
Check account status

Password expired:

Some servers require regular changes
Update password on server first
Then update in Kisuke
Test new connection

Can’t save password

Biometrics not enabled:

Go to iOS Settings
Enable Face ID/Touch ID
Return to Kisuke
Try saving again

Keychain issues:

Check iOS Settings → Passwords
Ensure iCloud Keychain is working
Restart device if needed
Contact support if persists

Server security

Recommended server settings

For administrators:

PasswordAuthentication yes
PermitRootLogin no
MaxAuthTries 3
MaxSessions 10

# Enable rate limiting
LoginGraceTime 60

Additional security

Enhance server security:

Fail2ban - Block repeated failed attempts
Non-standard ports - Change from default 22
IP allowlisting - Restrict access by IP
VPN requirement - Require VPN connection first

Privacy and security

What Kisuke stores

Username (plaintext)
Password (encrypted in Keychain)
Server address (plaintext)
Connection settings (plaintext)

What Kisuke doesn’t store

Password in plaintext
Connection history details
Command history
File access logs

Data protection

Your security is our priority:

All passwords encrypted
No cloud backup of passwords
No analytics on credentials
No third-party access
Complete user control

Tips for strong passwords

Creating strong passwords

Good passwords are:

Long - At least 15 characters
Unique - Different for each server
Random - No personal information
Mixed - Letters, numbers, symbols

Password examples

Good passwords:

MyC@t$Name!sFluffyJune2024
Coffee#Sunrise^Beach*2024
B1ueM0nd@y$Start!Fresh

Avoid passwords like:

password123
admin
Your name or birthdate
Keyboard patterns (qwerty)