matrix-org / matrix-ircd

An IRCd implementation backed by Matrix.
Apache License 2.0
224 stars 41 forks

Auth with token instead of real password #50

Open reth- opened 6 years ago

reth- commented 6 years ago

I'd like the ability to have a dedicated token to be used for IRC auth instead of the user's real password.

We're using an LDAP backend for Matrix, and with the current options the users' LDAP credentials will be stored in the IRC client config (often plaintext) to allow auto connect. This is bad from a security point of view as it may compromise access to more systems using the same LDAP if the config is leaked.

With a dedicated access token the damage is limited to the ability to impersonate a user via the ircd.

madduck commented 5 years ago

Also, storing a token means that there won't be a new device created for the user every single time matrix-ircd is restarted.

madduck commented 5 years ago

This is arguably a duplicate of #43, or well, actually a better way to describe the problem.