-
1. Check if there is any built-in solution, like IP blocking.
2. Check if invalid logins for a valid username generate DoS for that user.
3. Check the two-step login like the new Google login to avo…
-
## Summary
KeePassXC currently uses [AES or Twofish](https://keepassxc.org/docs/#faq-security-why-pm) block cipher to encrypt a database. This issue is a feature request to add support for an estab…
-
## Paste the full User-Agent String here
```
Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
```
## Is this for Addition / Re…
-
I suggest adding a failed-login limit feature as an additional layer of security to easily prevent brute-force attacks, as there is currently no such limit on the CyberPanel login page.
-
Hi,
Does the RPC interface (I use it with '--rpc-secret=(...)' option) have any built-in protection mechanism against brute-force attacks?
I didn't find any detailed information about it (I also…
-
Since HTTP Digest Auth uses MD5 to hash passwords, it's feasible to brute-force the password database if it ever gets compromised. Current best practice is to use a purposely slow hashing algorithm e.g…
tibbe updated 6 years ago
-
Hi,
Just a thought about making brute-force attacks useless:
1. don't tell the password is not matching
2. open the database
3. provide random values as user names and passwords
4. if the app locks, …
-
Minetest should drop support for SHA1 authentication as it is not secure and allows downgrade attacks. This requires:
* A migration path to force users to upgrade to SRP
* /setpassword to generate…
-
Currently, if an rdap-server has a Shiro configuration in order to allow credentials and roles management, there isn't a mechanism to protect the server from a brute-force attack to gain credentials for …
-
# Description:
To protect user data on the 'sarthi' platform, robust password encryption and additional security measures must be implemented. This will ensure that user passwords remain secure and p…