Update Login Key Security #99

Open
opened 2020-06-08 16:26:37 -07:00 by Max · 0 comments
Owner

TODO:

  • Set up mechanism to reissue key to user
  • Each session has a unique, random, id. If a session tries to use this ID and its wrong, it terminates the session, forcing relogin.
  • A reissued key changes the salt, password and re-encryptes the master pass
  • Keys older than 30 days are deleted automatically
  • Add option for user to log out all other active sessions
TODO: * Set up mechanism to reissue key to user * Each session has a unique, random, id. If a session tries to use this ID and its wrong, it terminates the session, forcing relogin. * A reissued key changes the salt, password and re-encryptes the master pass * Keys older than 30 days are deleted automatically * Add option for user to log out all other active sessions
Max added the
In Progress
label 2020-06-08 16:26:45 -07:00
Sign in to join this conversation.
No Milestone
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Max/SolidScribe#99
No description provided.