-
SPAKE preauthentication, currently in [draft at the IETF](https://tools.ietf.org/id/draft-ietf-kitten-krb-spake-preauth-09.html), solves one of the more serious design flaws in Kerberos: in the defaul…
-
**Reported by ingoratsdorf on 14 Jan 2014 23:40**
**Version:** feature requests
Brute force attacks are becoming more frequent.
I noticed that some people tried to log in to my tine20 installation u…
-
In your summary, you write that you have code in place to check for SHA-1 collisions. I suggest getting rid of that code and its performance overhead.
There are simply no collisions for reasonably sh…
-
Hi,
I understand that for the most part SRP does not need a costly KDF for the password, but I think some way to impose some additional CPU or RAM cost on the client (but not the server) would be beneficial to i…
-
As karma attacks work on saved open networks only and not secured ones, we will need to have the password first to get it to work, although this seems a bit hard... the number of saved networks Guarant…
-
Hi, I'm new to elasticsearch, and when I was browsing the code I found some potential risks.
1. The iteration count for PBEKeySpec is only 1024, which is not sufficiently high to protect against br…
Gax-c updated
6 months ago
-
With the growing adoption of HTTP/3, it's crucial to address security concerns specific to its protocols and implementations. One key area is the header compression mechanism used in HTTP/3, known as …
-
Hi,
I'm creating a project at work using Serverpod, and I don't want users to have to remember yet another password. I plan to have them enter their email, then the server will email them a random 6-…
-
### Description
[CWE-307: Improper Restriction of Excessive Authentication Attempts](https://cwe.mitre.org/data/definitions/307.html)
An attacker can easily utilize `Plogin` to ***Brute Force*** a v…
-
Add a provision to set up Google Authenticator / Authy for 2FA