ABTech / tracker

Carnegie Mellon Activities Board Technical Committee Tracker
abtech.org

fix: Human-Friendly Kiosk Passwords #556

Open NoRePercussions opened 1 week ago

NoRePercussions commented 1 week ago

It is a lot easier for someone to enter 16 characters of base64 than 64 characters of hex, for kiosks that cannot be deployed by an automated platform. This is just as secure.

DaAwesomeP commented 1 week ago

So the way it was designed for the techroom tablet (which I don't know where that ended up) is that this password is stored in an HTML file for a browser in kiosk mode. This HTML file logs in the user by going to a login URL. That way it logs itself in at boot but the user never sees or types the key.

If this is for the TV in techroom (which is not locked in a kiosk mode), then this authentication scheme is not the right one because someone could easily find and copy this key and take it elsewhere. For the case of a shared machine (not dissimilar to SM box, etc.) short-lived user sessions may make more sense? Or maybe we need IP address filtering.
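As an added example (not code from this pull request or from the tracker project), the following Ruby sketch generates a key in each of the two formats compared in the opening comment and computes how many bits of entropy each carries when drawn from a CSPRNG. The method names `hex_kiosk_key`, `base64_kiosk_key`, `entropy_bits`, `min_length` and `compare_formats` are hypothetical, and URL-safe base64 is assumed because the second comment says the key travels in a login URL.

```ruby
require "securerandom"

# Bits of entropy in a uniformly random string of `length` symbols
# drawn from an alphabet of `alphabet_size` symbols.
def entropy_bits(alphabet_size, length)
  (length * Math.log2(alphabet_size)).round
end

# Shortest string over the given alphabet that reaches `target_bits`.
def min_length(alphabet_size, target_bits)
  (target_bits / Math.log2(alphabet_size)).ceil
end

# Hypothetical generator for the 64-character hex format.
def hex_kiosk_key
  SecureRandom.hex(32) # 32 random bytes -> 64 hex characters
end

# Hypothetical generator for the 16-character base64 format.
# 12 bytes is a multiple of 3, so the output has no "=" padding.
def base64_kiosk_key
  SecureRandom.urlsafe_base64(12) # 12 random bytes -> 16 characters
end

# Side-by-side numbers for the two formats, plus the base64 lengths
# needed to reach common key strengths.
def compare_formats
  {
    hex_64_bits: entropy_bits(16, 64),
    base64_16_bits: entropy_bits(64, 16),
    base64_length_for_128_bits: min_length(64, 128),
    base64_length_for_256_bits: min_length(64, 256)
  }
end

if __FILE__ == $PROGRAM_NAME
  puts "hex key:    #{hex_kiosk_key}"
  puts "base64 key: #{base64_kiosk_key}"
  compare_formats.each { |name, value| puts "#{name}: #{value}" }
end
```

Either format is a bearer credential once it is stored on or typed into the kiosk, so the copy-and-reuse concern in the second comment applies regardless of encoding.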