simple_encryptable

Different salt per record

Open • Rtwena opened this issue 4 years ago • 1 comment

I believe the salt should be different per record (and stored on the record).

The reason for this is that if two records have the same password and use the same salt, then the encrypted value will be the same.

An attacker could check for records that are using the same password and perform a dictionary attack, as it is likely they are using an insecure password.

For this reason, it would be good to allow the salt to be different per record.

Rtwena, Nov 04 '20 13:11

I agree, feel free to open a PR, otherwise I will work on it as soon as time allows. Thanks for spotting this, much appreciated.

rkorzeniec, Nov 15 '20 05:11
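
The effect described in this issue, as an added Ruby example that is not simple_encryptable's own code: PBKDF2 stands in for whatever the gem derives from password and salt, and the method names, the `"app-wide-salt"` value and the sample passwords are constructed for illustration. It compares a shared salt with a random salt stored on each record.

```ruby
require "openssl"
require "securerandom"

ITERATIONS = 100_000 # assumed work factor for this example
KEY_LEN    = 32

# Derive the stored value for a password under a given salt (PBKDF2-HMAC-SHA256).
def derive(password, salt)
  OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: ITERATIONS,
                           length: KEY_LEN, hash: "sha256").unpack1("H*")
end

# "Before": one application-wide salt shared by every record.
def store_with_shared_salt(password, shared_salt)
  { digest: derive(password, shared_salt) }
end

# "After": a fresh random salt per record, stored on the record itself.
def store_with_record_salt(password)
  salt = SecureRandom.random_bytes(16)
  { salt: salt.unpack1("H*"), digest: derive(password, salt) }
end

# Verification reads the salt back from the record and compares in constant time.
def verify(record, candidate)
  salt = [record[:salt]].pack("H*")
  OpenSSL.fixed_length_secure_compare(record[:digest], derive(candidate, salt))
end

# Group record ids by stored value; a group larger than one means
# those records visibly share a password.
def duplicate_groups(records)
  records.group_by { |_id, r| r[:digest] }
         .values.map { |g| g.map(&:first) }.select { |ids| ids.size > 1 }
end

# Constructed sample data: records 1 and 3 use the same password.
PASSWORDS  = { 1 => "hunter2", 2 => "correct horse", 3 => "hunter2" }
SHARED     = PASSWORDS.transform_values { |pw| store_with_shared_salt(pw, "app-wide-salt") }
PER_RECORD = PASSWORDS.transform_values { |pw| store_with_record_salt(pw) }

p duplicate_groups(SHARED)          # shared salt: equal passwords collide
p duplicate_groups(PER_RECORD)      # per-record salt: no collisions
p verify(PER_RECORD[1], "hunter2")  # the stored salt still allows verification
```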