Adding hash and salt + rework of connection/register system + Limiting max image size
We added a new registration/login system with the use of argon2 and sha512.
We are adding hash and salt in both frontend and backend:
-> In the frontend:
We use sha512 to hash the password of the user so that it does not travel in raw form on the network.
We added a salt to that hash to enhance the security. In fact, it makes it even more difficult to find the original password even with a rainbow table.
-> In the backend:
We hash what comes from the frontend by using the Argon2 library. We used it because it has a low number of security breaches.
See this page for more information.
Argon2 allows us to store a hash with a special header in it in the database.
We create a hash with the "argon.hash(:string:)" instruction.
When a user wants to connect we can then compare this hash with an incoming hash from the request. For that we use "argon.verify(:storedHash:, :incomingHash:)" which returns true or false.
Then we can choose to continue or to stop the login process.
Reducing max image size to decrease pollution and process time.
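
The register/login flow described in this commit message, as an added example that is not the project's own code. Node's built-in scrypt stands in for Argon2 so the block runs without third-party packages; the function names, client salt format, cost parameters and sample credentials are assumptions.

```javascript
// Added example: scrypt (Node standard library) stands in for Argon2 here.
const nodeCrypto = require("node:crypto");

const PARAMS = { N: 16384, r: 8, p: 1 }; // assumed cost parameters
const KEY_LEN = 32;

// Frontend step: SHA-512 over salt + password, so the raw password stays on the client.
// The value sent is still a login credential, so it needs TLS in transit.
function clientPrehash(password, clientSalt) {
  return nodeCrypto.createHash("sha512").update(clientSalt + password, "utf8").digest("hex");
}

// Backend step at registration: slow hash of the incoming value with a random salt.
// The returned string carries its own header (algorithm, parameters, salt).
function serverHash(incoming) {
  const salt = nodeCrypto.randomBytes(16);
  const key = nodeCrypto.scryptSync(incoming, salt, KEY_LEN, PARAMS);
  const { N, r, p } = PARAMS;
  return `$scrypt$N=${N},r=${r},p=${p}$${salt.toString("base64")}$${key.toString("base64")}`;
}

// Backend step at login: re-derive from the stored header, compare in constant time.
function serverVerify(stored, incoming) {
  const m = /^\$scrypt\$N=(\d+),r=(\d+),p=(\d+)\$([^$]+)\$([^$]+)$/.exec(stored);
  if (!m) return false; // malformed record: reject
  const [N, r, p] = m.slice(1, 4).map(Number);
  const salt = Buffer.from(m[4], "base64");
  const expected = Buffer.from(m[5], "base64");
  if (expected.length !== KEY_LEN) return false; // truncated or corrupt hash
  const actual = nodeCrypto.scryptSync(incoming, salt, KEY_LEN, { N, r, p });
  return nodeCrypto.timingSafeEqual(actual, expected);
}

// Constructed sample input, not from the page.
const sent = clientPrehash("correct horse", "example-site:alice");
const record = serverHash(sent);
console.log(record.split("$").slice(1, 3).join(" "), serverVerify(record, sent));
```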