flo/nsupdate.info
1
0
Fork 0
Code Issues 1 Pull Requests 2 Packages Releases Activity

docs: explain why we auto-generate random update passwords

Browse Source
This commit is contained in:
Thomas Waldmann 2014-09-17 00:08:30 +02:00
parent 3da3d82eb4
commit 4bb8301142
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs/security.rst
View File

@ -85,6 +85,11 @@ It is not stored in clear text by nsupdate.info.
If you lose the secret, you'll have to generate a new one and change it in your If you lose the secret, you'll have to generate a new one and change it in your
update client also. update client also.
We use a random and automatically generated update secret to avoid that users
enter a bad password here (like reusing a password they use somewhere else,
choosing a too simple password) and to avoid disclosure of such user-chosen
passwords in case the hashes ever get stolen and brute forced.
Nameserver Update Secret (backend, RFC 2136) Nameserver Update Secret (backend, RFC 2136)
-------------------------------------------- --------------------------------------------