I was developing some small utility, I got this warning in the browser:
AES-CBC and AES-CTR do not provide authentication by default,
and implementing it manually can result in minor, but serious mistakes.
We recommended using authenticated encryption like AES-GCM to protect
against chosen-ciphertext attacks.
Which makes sense, KDBX is used for storing data alongside secrets, GCM helps in checking if data is tampered or not. Should look into it
I was developing some small utility, I got this warning in the browser:
Which makes sense, KDBX is used for storing data alongside secrets, GCM helps in checking if data is tampered or not. Should look into it