Viliam Holub
Results
2
issues of
Viliam Holub
Code once verified must not be accepted again as per RFC 6238. While not absolutely critical, this helps is cases where the code (and password) were observed by third party...
A good practice is to encrypt or hash secret keys in DB. I would suggest to implement this. (Enhancement) While for one-off keys one way hash functions such as scrypt/bcrypt...