SCTL is not End2End encryption, instead SCTL is more of an envelope, in which you store secrets until they are needed, and those secrets should only remain available in plain text while the operation that needs them is active.
GNU General Public License v3.0
8
stars
2
forks
source link
Interactive input should conclude with a cls/clear of the terminal to thwart shoulder surfers #47
As discussed in #36
A shoulder surfer could lift sensitive credentials because we dont clear the screen after input, and we do not mask the input.