Closed yrro closed 5 months ago
And increase identifier entropy to 128 bits, as recommended by OWASP: https://owasp.org/www-community/vulnerabilities/Insufficient_Session-ID_Length
0.6.0rc1 now uses secrets module and SESSION_ID_LENGTH
And increase identifier entropy to 128 bits, as recommended by OWASP: https://owasp.org/www-community/vulnerabilities/Insufficient_Session-ID_Length