
Enhancing User Security

Open: coolguy1771 opened this issue 1 year ago • 1 comment

Presently, the system utilizes an unencrypted plain text file for user management, exposing us to potential security risks. To fortify our security standards, I suggest the implementation of advanced password protection mechanisms, such as bcrypt, MD5, and other established protocols, in line with the robust security measures employed by HTTP Basic Auth.

Furthermore, to augment the versatility and security of our user management system, considering the integration of external protocols, such as LDAP, OAuth2, and SAML, would be prudent. This strategic enhancement not only addresses the current security vulnerability but also ensures alignment with industry best practices in user authentication and authorization.

coolguy1771, Feb 28 '24 03:02

md5 != advanced password protection @coolguy1771

bcrypt is the way to go

ClutchFred, Apr 02 '24 20:04
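An added example, not part of the issue thread or the project's own code, showing the difference the comments above point at: unsalted MD5 versus a salted, deliberately slow password hash, plus a one-time migration of a plain-text user list. Node's built-in scrypt stands in for bcrypt here so the block runs without third-party packages; the record shape `{ userId, password }`, the stored-hash format and all function names are assumptions.

```javascript
const crypto = require('node:crypto');

// Constructed sample of a plain-text user list (hypothetical record shape).
const plainUsers = [
  { userId: 'admin', password: 'Winter2024!' },
  { userId: 'mod', password: 'Winter2024!' }, // same password, reused
];

// Unsalted MD5: fast, and identical passwords give identical digests.
function md5Hex(password) {
  return crypto.createHash('md5').update(password).digest('hex');
}

// scrypt cost parameters are stored with each hash so they can be raised later.
const COST = { N: 16384, r: 8, p: 1 };
const KEYLEN = 32;

function hashPassword(password) {
  const salt = crypto.randomBytes(16); // unique per record
  const key = crypto.scryptSync(password, salt, KEYLEN, COST);
  return ['scrypt', COST.N, COST.r, COST.p,
    salt.toString('base64'), key.toString('base64')].join('$');
}

function verifyPassword(password, stored) {
  const parts = String(stored).split('$');
  if (parts.length !== 6 || parts[0] !== 'scrypt') return false; // not a hash record
  const [N, r, p] = parts.slice(1, 4).map(Number);
  const salt = Buffer.from(parts[4], 'base64');
  const expected = Buffer.from(parts[5], 'base64');
  if (expected.length !== KEYLEN) return false; // reject truncated or empty hashes
  let actual;
  try {
    actual = crypto.scryptSync(password, salt, KEYLEN, { N, r, p });
  } catch {
    return false; // malformed cost parameters
  }
  return crypto.timingSafeEqual(actual, expected); // constant-time compare
}

// One-time migration: replace each plain-text password with a salted hash.
function migrateUsers(users) {
  return users.map(({ userId, password }) => ({ userId, passwordHash: hashPassword(password) }));
}
```

After migration the two users who share a password have different stored values, while their MD5 digests would be identical and therefore recoverable with a single precomputed lookup.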