author | Lars Wirzenius <liw@liw.fi> | 2019-03-31 18:41:46 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2019-03-31 18:41:46 +0300 |
commit | e834dde50717f577f27f3de6c87d73eeb2e1239d (patch) | |
tree | e67db519b68fe7b8121cefaf37d6eac0e2b00b58 | |
parent | 1c6b65ca79a12803a5acdd98736f0559f538d54a (diff) | |
download | ick.liw.fi-e834dde50717f577f27f3de6c87d73eeb2e1239d.tar.gz |
Add: peppering of secrets
-rw-r--r-- | yuck.mdwn | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -128,7 +128,8 @@ reference in discussions. minimises damage if they leak. Credentials SHOULD be stored encrypted using a respected encryption algorithm (such as scrypt) and using per-credential salting. Or something stronger - may be implemented instead. + may be implemented instead. Additionally, all the credntial + records SHOULD be encrypted for an additional layer of defense. * (MFA) Yuck MUST support multi-factor authentication using secure factors. * (PROTOS) Yuck MUST use secure protocols to authenticate users |
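Review bot: The added sentence ("all the credntial records SHOULD be encrypted for an additional layer of defense") misspells "credential" and does not say what the commit subject promises. The subject is "peppering of secrets", but the requirement never mentions a pepper and never says that the key has to be kept apart from the credential records. Without that separation, a leak of the store also leaks the key and the extra layer adds nothing. Suggest something like "all the credential records SHOULD additionally be encrypted with a key (pepper) that is stored separately from the records". While this paragraph is being touched: the context line calls scrypt an "encryption algorithm", but scrypt is a password-based key derivation function, so "stored hashed using a respected algorithm (such as scrypt)" would be more accurate and would make the contrast with the new encryption layer clearer.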