However a better approach to this problem is to not rely on shared secrets. Use public key signature tech to stop worrying about mistakenly logging a secret. If you were to log literally every byte of the plaintext traffic when I sign into GitHub (e.g. maybe you're a GitHub ops person), you don't get the ability to sign into GitHub as me. Even better, GitHub defuses their liability because as well as a (presumably hashed) password that could be broken by a hypothetical attacker they've got a public key for me, and learning that public key doesn't help the attacker do anything, at their site or anywhere else. There's a WebAuthn signature step, my signature is authentic, and you can even verify that from your log if you want, but you'd need to make a new signature to sign in, and you can't do that because the key needed to make my signature never left my hands. Even - unlike with the SSH public keys GitHub holds - to identify people, since WebAuthn public keys are deliberately uncorrelated, you can't match my GitHub key against a Facebook key for example.

Yeah, I do hashing client side as well as server side. It's not ideal - what would be ideal is zero knowledge proofs for such a thing.

Hash(static-pepper, username, password) * 250k
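The two login styles discussed in the comments above, as an added example that is not part of the original thread and is not GitHub's or any WebAuthn implementation's code: a Go program that stands up a toy server for each scheme and then replays what someone who logged every plaintext byte of one login could do with the captured bytes. The username "alice", the password, the pepper string and the SHA-256 chaining used for the 250k-iteration client-side hash are assumptions (the comment gives only the formula); the signature side uses Ed25519 as a stand-in for the authenticator's key and signs the bare challenge rather than a real WebAuthn assertion (authenticatorData plus the SHA-256 of clientDataJSON, which also binds the origin).

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// Shared-secret side: the thread's client-side hashing. The pepper string and
// the SHA-256 chaining are assumptions; the comment only gives
// Hash(static-pepper, username, password) * 250k.
const pepper, iterations = "static-pepper", 250_000

// clientHash is what the browser sends on the wire instead of the password.
func clientHash(username, password string) []byte {
	sum := sha256.Sum256([]byte(pepper + "\x00" + username + "\x00" + password))
	for i := 1; i < iterations; i++ {
		sum = sha256.Sum256(sum[:])
	}
	return sum[:]
}

// passwordServer hashes again server side ("as well as server side"), but
// whatever bytes arrive on the wire are the credential.
type passwordServer struct{ stored map[string][32]byte }

func (s *passwordServer) Login(user string, wireToken []byte) bool {
	want, ok := s.stored[user]
	if !ok {
		return false
	}
	got := sha256.Sum256(wireToken)
	return subtle.ConstantTimeCompare(want[:], got[:]) == 1
}

// Public-key side: a simplified stand-in for a WebAuthn assertion. Real WebAuthn
// signs authenticatorData || SHA-256(clientDataJSON); here it is the bare challenge.
type signatureServer struct {
	keys    map[string]ed25519.PublicKey
	pending map[string][]byte // the one challenge each user may answer next
}

// Challenge hands out a fresh 32-byte nonce; the server never holds a secret.
func (s *signatureServer) Challenge(user string) []byte {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		panic(err)
	}
	s.pending[user] = c
	return c
}

// Login accepts only a signature over the pending challenge and consumes it.
func (s *signatureServer) Login(user string, challenge, sig []byte) bool {
	pub, ok := s.keys[user]
	c, have := s.pending[user]
	if !ok || !have || !bytes.Equal(c, challenge) {
		return false
	}
	delete(s.pending, user)
	return ed25519.Verify(pub, challenge, sig)
}

// Scenario records what the observer who logged one login can do afterwards.
type Scenario struct {
	PasswordReplayWorks     bool // logged wire token reused by the observer
	SignatureLoginWorks     bool // the real user answering a fresh challenge
	LoggedSignatureVerifies bool // the log still proves the user signed
	SignatureReplayWorks    bool // logged (challenge, signature) reused by the observer
}

func Run() Scenario {
	const user = "alice" // constructed
	var out Scenario

	ps := &passwordServer{stored: map[string][32]byte{}}
	logged := clientHash(user, "correct horse battery staple") // constructed; exactly what a traffic log would hold
	ps.stored[user] = sha256.Sum256(logged)                     // registration
	out.PasswordReplayWorks = ps.Login(user, logged)
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	ss := &signatureServer{keys: map[string]ed25519.PublicKey{}, pending: map[string][]byte{}}
	ss.keys[user] = pub // registration: the public key is all the server keeps
	c1 := ss.Challenge(user)
	sig1 := ed25519.Sign(priv, c1) // priv never leaves the user's authenticator
	out.SignatureLoginWorks = ss.Login(user, c1, sig1)
	out.LoggedSignatureVerifies = ed25519.Verify(pub, c1, sig1)
	// The observer starts a login of their own and is handed a different challenge.
	c2 := ss.Challenge(user)
	out.SignatureReplayWorks = ss.Login(user, c1, sig1) || ss.Login(user, c2, sig1)
	return out
}

func main() { fmt.Printf("%+v\n", Run()) }
```

Run it with `go run` and it prints the four outcomes. The password path replays no matter how many iterations the client-side hash uses, because on the wire that hash is the secret and the server cannot tell the real client from whoever holds a copy of the bytes; that is the gap the zero-knowledge-proof remark is reaching for. On the signature path the logged signature still verifies against the stored public key, so it works as an audit record, but it does not open a session: the single-use pending challenge is what defeats replaying the old (challenge, signature) pair, and a server that accepted a signature over any challenge it had ever issued would be replayable again.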