update README with warning to reuse same salt

robinmoisson · Feb 27, 2022 · 14c6f7d · 14c6f7d
1 parent 0c5dbe7
commit 14c6f7d
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -92,6 +92,8 @@ You can clear the values in localStorage (effectively "login out") at any time b
 
 If you want to encrypt multiple pages and have the "Remember me" checkbox work for all pages (so you have to enter your password on one page and then all other pages are automatically decrypted), you need to pass a `--salt MY_SALT` argument with the same salt for all encrypted pages. The salt isn't secret, so you don't have to worry about hiding it in the command prompt.
 
+Remember to use the same salt if you're encrypting again at a later time, otherwise the users that have checked the "Remember me" box will be logged out when you deploy again (see [this comment](https://github.com/robinmoisson/staticrypt/issues/125#issuecomment-1053617845) for details). You find the salt used in any encrypted file if you've forgotten it, just search for `salt = ` in the encrypted HTML and you'll find it. 
+
 Because the hashed value is stored in the browser's localStorage, this will only work if all the pages are on the same domain name.
 
 ## FAQ

diff --git a/cli/README.md b/cli/README.md
@@ -90,6 +90,8 @@ You can clear the values in localStorage (effectively "login out") at any time b
 
 If you want to encrypt multiple pages and have the "Remember me" checkbox work for all pages (so you have to enter your password on one page and then all other pages are automatically decrypted), you need to pass a `--salt MY_SALT` argument with the same salt for all encrypted pages. The salt isn't secret, so you don't have to worry about hiding it in the command prompt.
 
+Remember to use the same salt if you're encrypting again at a later time, otherwise the users that have checked the "Remember me" box will be logged out when you deploy again (see [this comment](https://github.com/robinmoisson/staticrypt/issues/125#issuecomment-1053617845) for details). You find the salt used in any encrypted file if you've forgotten it, just search for `salt = ` in the encrypted HTML and you'll find it.
+
 Because the hashed value is stored in the browser's localStorage, this will only work if all the pages are on the same domain name.
 
 ## FAQ

diff --git a/cli/package.json b/cli/package.json
@@ -1,6 +1,6 @@
 {
   "name": "staticrypt",
-  "version": "2.0.2",
+  "version": "2.0.3",
   "description": "Based on the [crypto-js](https://github.com/brix/crypto-js) library, StatiCrypt uses AES-256 to encrypt your input with your passphrase and put it in a HTML file with a password prompt that can decrypted in-browser (client side).",
   "main": "index.js",
   "bin": {
-Original file line number
+Diff line change
@@ Expand Up @@
     If you want to encrypt multiple pages and have the "Remember me" checkbox work for all pages (so you have to enter your password on one page and then all other pages are automatically decrypted), you need to pass a `--salt MY_SALT` argument with the same salt for all encrypted pages. The salt isn't secret, so you don't have to worry about hiding it in the command prompt.
+    Remember to use the same salt if you're encrypting again at a later time, otherwise the users that have checked the "Remember me" box will be logged out when you deploy again (see [this comment](https://github.com/robinmoisson/staticrypt/issues/125#issuecomment-1053617845) for details). You find the salt used in any encrypted file if you've forgotten it, just search for `salt = ` in the encrypted HTML and you'll find it.
     Because the hashed value is stored in the browser's localStorage, this will only work if all the pages are on the same domain name.
     ## FAQ
@@ Expand Down @@