Future versions that implement GUI-driven pathing will require a form of authentication for the map administrator.
Issue:
Login forms on the internet are prone to brute-force and dictionary attacks, especially when the room of possible usernames can be limited to a few options. This is a potential security risk.
Suggestions:
[ ] SALT passwords
[ ] Argon2 for passwords
[ ] 2FA optional with app support
[ ] User must pick username themself
[ ] Default password is SHA256 over at least 1024kb of random data
Reasoning:
You don't need to have the safest application. You just need to be safer than the majority of targets.
Situation:
Currently, there is no login.
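Added example, not code from this project: one way the first-run admin bootstrap suggested above could look, with a user-chosen username, a default password derived as SHA-256 over 1024 KiB of random data, and a salted, memory-hard hash for storage. Assumptions: all function names, the blocked-username list and the cost parameters are hypothetical, and `hashlib.scrypt` stands in for Argon2 because Argon2 is not in the Python standard library.

```python
import hashlib
import hmac
import os

SEED_BYTES = 1024 * 1024                     # 1024 KiB of random input, per the issue
KDF = dict(n=2**14, r=8, p=1, dklen=32)      # scrypt cost parameters (assumed values)
BLOCKED_USERNAMES = {"admin", "administrator", "root"}  # hypothetical list


def generate_default_password() -> str:
    """SHA-256 over SEED_BYTES of CSPRNG output, hex encoded.

    The result carries at most 256 bits of entropy, however large the seed.
    """
    return hashlib.sha256(os.urandom(SEED_BYTES)).hexdigest()


def hash_password(password: str) -> dict:
    """Hash with a fresh per-user salt so equal passwords give different records."""
    salt = os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, **KDF)
    return {"salt": salt.hex(), "hash": digest.hex()}


def verify_password(password: str, record: dict) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    salt = bytes.fromhex(record["salt"])
    digest = hashlib.scrypt(password.encode(), salt=salt, **KDF)
    return hmac.compare_digest(digest, bytes.fromhex(record["hash"]))


def create_admin(username: str) -> tuple:
    """Create the map administrator; the username must be chosen by the user."""
    name = username.strip()
    if not name or name.lower() in BLOCKED_USERNAMES:
        raise ValueError("pick a non-default username")
    password = generate_default_password()
    record = {"username": name, **hash_password(password)}
    return record, password   # show the password once; store only the record


if __name__ == "__main__":
    record, password = create_admin("mapkeeper")   # constructed sample username
    print(record["username"], verify_password(password, record))
```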