passport-js
passport-js copied to clipboard
Implement more secure AppId
Currently AppId generated on https://telepass.me are sequential (10003, 10004) and can allow attacker to simply write script to list all client Id.
Possible solution:
- Generate UUID
- Apply XOR on AppId with a secret salt