SECURITY ISSUE: Mishandling Credentials #69

0xtejas · 2021-03-10T04:47:24Z

This is a final checklist before 1st production Release

Store Usernames and Passwords in more safer way, Instead of plain text format.
Update passwords after the implementation of previous step.
Have a strong password with 8 or more characters with symbols and numbers.
Store passwords of users in hashes in the DB, instead of plain text.
Enable 2FA.

0xtejas · 2021-03-10T05:12:44Z

There are two tables, with credentials. One stores them in hashes other in plain text. Need discussion

sanjay-thiyagarajan · 2021-03-10T05:14:57Z

Yeah. You can work on this if you are interested 👍🏽

0xtejas · 2021-03-10T07:40:29Z

Yeah. You can work on this if you are interested 👍🏽

I don't have idea on how the tables are created and stuff... As you have implemented those, its better if you do it rather than me trying to messing with those 😂

0xtejas added Priority This issue is Important Security This is very much important to prevent mishap labels Mar 10, 2021

0xtejas added this to the First Production Release milestone Mar 10, 2021

0xtejas assigned sanjay-thiyagarajan Mar 10, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SECURITY ISSUE: Mishandling Credentials #69

SECURITY ISSUE: Mishandling Credentials #69

0xtejas commented Mar 10, 2021

0xtejas commented Mar 10, 2021

sanjay-thiyagarajan commented Mar 10, 2021

0xtejas commented Mar 10, 2021 •

edited

Loading

SECURITY ISSUE: Mishandling Credentials #69

SECURITY ISSUE: Mishandling Credentials #69

Comments

0xtejas commented Mar 10, 2021

0xtejas commented Mar 10, 2021

sanjay-thiyagarajan commented Mar 10, 2021

0xtejas commented Mar 10, 2021 • edited Loading

0xtejas commented Mar 10, 2021 •

edited

Loading