taa176 / web

Website. Welcome.

Replace the random number generator that creates cookies #3

Closed k-hendricks closed 4 years ago

k-hendricks commented 4 years ago

The cookie authorization random number generator is just the native one in JavaScript. This isn't cryptographically secure. We also need to put some thought into getting some sort of information server-side that is actually random for the seed value. I know gpg uses some sort of hardware entropy, but it's really slow.

k-hendricks commented 4 years ago

Implemented npm library uuid5. This shouldn't be used for cryptographically-secure pseudorandom numbers because it by design doesn't repeat.
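
For the problem this issue raises, an added example (not code from this repository or its author) of issuing authorization cookie tokens from Node.js's built-in `crypto` module, which reads the operating system's CSPRNG and so needs no application-supplied seed. The cookie name `auth`, the in-memory `sessions` store and all function names are assumptions made for illustration.

```javascript
// Added example: session-cookie tokens drawn from the OS CSPRNG.
const crypto = require("node:crypto");

const TOKEN_BYTES = 32;                      // 256 bits of randomness per token
const TOKEN_FORMAT = /^[A-Za-z0-9_-]{43}$/;  // 32 bytes as unpadded base64url
const sessions = new Map();                  // hypothetical store: sha256(token) hex -> user

// Math.random() is a fast, predictable PRNG and must not mint credentials.
// crypto.randomBytes() is seeded by the operating system, so the server
// does not have to gather entropy or manage a seed value itself.
function newToken() {
  return crypto.randomBytes(TOKEN_BYTES).toString("base64url");
}

// Only a hash of the token is stored, so a leaked session table does not
// hand out cookies that can be replayed.
function hashToken(token) {
  return crypto.createHash("sha256").update(token, "utf8").digest("hex");
}

// Issues a token for `user` and returns it with a hardened Set-Cookie value.
function createSession(user) {
  const token = newToken();
  sessions.set(hashToken(token), user);
  const cookie = `auth=${token}; HttpOnly; Secure; SameSite=Strict; Path=/`;
  return { token, cookie };
}

// Returns the user for a presented token, or null if it is malformed or unknown.
function lookupSession(token) {
  if (typeof token !== "string" || !TOKEN_FORMAT.test(token)) return null;
  const user = sessions.get(hashToken(token));
  return user === undefined ? null : user;
}

// Invalidates a token, for example on logout.
function destroySession(token) {
  return typeof token === "string" && sessions.delete(hashToken(token));
}
```
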