[Bug 28660] New: appdb uses phisable/replayable credentials
wine-bugs at winehq.org
wine-bugs at winehq.org
Tue Oct 11 17:37:18 CDT 2011
http://bugs.winehq.org/show_bug.cgi?id=28660
Bug #: 28660
Summary: appdb uses phisable/replayable credentials
Product: WineHQ Apps Database
Version: unspecified
Platform: All
OS/Version: All
Status: UNCONFIRMED
Severity: minor
Priority: P2
Component: appdb-unknown
AssignedTo: wine-bugs at winehq.org
ReportedBy: kevinperson at topicbox.com
Classification: Unclassified
The recent compromise of the winehq authentication databases highlights the
problem with using passwords as authentication credentials: they can be stolen,
and then you have to tell all your users their passwords are out there.
Use of an authentication server like OpenID (you can't lose secrets if you
don't keep them on your server) or a challenge-response scheme like client-side
SSL certs or phone verification avoids this problem.
--
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the wine-bugs
mailing list