-
Auto fill-out login forms.
-
We should have a better/safer way of storing data on the client than CSS-invisible `html.Div` components, for sensitive data that not all users should see/have access to. I propose a new `dcc.Store` c…
-
We should find a way to securely store secrets that users insert to avoid data leakage as a consequence of a possible compromise
-
If the body and possibly comment of bundles could be encrypted then the hosting company that stores the data could store data in a way that would not allow the hosting company to look at its contents.
-
Audit Template password (in organization settings) is currently saved unencrypted.
Add encryption, see Salesforce password for pattern
-
-
Passwords could be stored in the environment configuration files in an encrypted form, so that we could store them in version control.
For now the workaround is to read the passwords from an external…
-
* keys should be stored as hashes, rather than raw values
* the UI for creating a key should show the key when it is first loaded, and disappear on refresh
* we should review the metadata made avail…
-
This will lead to anyone who can access the directory can now read any encrypted data.
Thus the secret should be stored elsewhere.
But then the question is where?
Could be supplied by user on s…
-
Currently, Goobi.Production stores DES encrypted passwords with a well known pass phrase. This approach has several problems:
- As the pass phrase is well known, the encryption is not really useful.
-…