author Lars Wirzenius <liw@liw.fi> 2019-03-31 18:41:46 +0300
committer Lars Wirzenius <liw@liw.fi> 2019-03-31 18:41:46 +0300
commit e834dde50717f577f27f3de6c87d73eeb2e1239d
tree e67db519b68fe7b8121cefaf37d6eac0e2b00b58
parent 1c6b65ca79a12803a5acdd98736f0559f538d54a
Add: peppering of secrets
-rw-r--r-- yuck.mdwn 3
1 files changed, 2 insertions, 1 deletions
diff --git a/yuck.mdwn b/yuck.mdwn
index 7908b01..352ccd9 100644
--- a/yuck.mdwn
+++ b/yuck.mdwn
@@ -128,7 +128,8 @@ reference in discussions.
minimises damage if they leak. Credentials SHOULD be stored
encrypted using a respected encryption algorithm (such as
scrypt) and using per-credential salting. Or something stronger
- may be implemented instead.
+ may be implemented instead. Additionally, all the credntial
+ records SHOULD be encrypted for an additional layer of defense.
* (MFA) Yuck MUST support multi-factor authentication using secure
factors.
* (PROTOS) Yuck MUST use secure protocols to authenticate users
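Review bot: the added sentence ending the credential-storage item says the records "SHOULD be encrypted" but does not say where the key for that encryption lives, so an implementation that keeps the key next to the records would meet the requirement while gaining nothing when the store leaks. The commit subject calls this peppering, yet the text never uses that term; consider stating the requirement directly, for example that the secret used for this extra layer MUST be stored separately from the credential records. The wording also clashes with the unchanged lines just above it, which call scrypt an "encryption algorithm": scrypt is a key derivation function, so "encrypted" now means a one-way derivation in one sentence and reversible encryption in the next, and it would help to separate the two terms. Finally, "credntial" on the first added line should be "credential".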