Skip to content

password needs to be securely generated #26

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
nhooyr opened this issue Mar 6, 2019 · 3 comments
Closed

password needs to be securely generated #26

nhooyr opened this issue Mar 6, 2019 · 3 comments

Comments

@nhooyr
Copy link
Contributor

nhooyr commented Mar 6, 2019

See https://github.com/codercom/code-server/pull/5/files#r262790187
@nhooyr
Copy link
Contributor Author

nhooyr commented Mar 6, 2019

https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues

@NGTmeaty
Copy link
Contributor

NGTmeaty commented Mar 6, 2019

Oops sorry, I brought up the same concerns here: #4 (comment)

@MichaelDesantis MichaelDesantis mentioned this issue Mar 6, 2019
Merged
@MichaelDesantis
Copy link
Contributor

MichaelDesantis commented Mar 6, 2019
edited
Loading

@nhooyr Given this is in the CLI, I don't believe the window scope for window.crypto.getRandomValues() will be accessible. However we may be able to use https://nodejs.org/dist/latest-v10.x/docs/api/crypto.html#crypto_crypto_randomfillsync_buffer_offset_size instead. It's similar in that according to the docs it also generates cryptographically strong pseudo-random data.

I'll tackle this one. Should have a PR up for this shortly.

UPDATE: PR is here #51

@MichaelDesantis MichaelDesantis mentioned this issue Mar 6, 2019
Merged
MichaelDesantis pushed a commit to MichaelDesantis/code-server that referenced this issue Mar 6, 2019
Generate seruce passwords, fixes issue coder#26
b543880
kylecarbs pushed a commit that referenced this issue Mar 7, 2019
@MichaelDesantis @kylecarbs
Generate secure passwords, fixes issue #26 (#51)
e20b79b
code-asher added a commit that referenced this issue Jun 19, 2019
@code-asher @kylecarbs
Uploader online (#26)
4656da3
code-asher pushed a commit that referenced this issue Jun 19, 2019
@MichaelDesantis @kylecarbs
Generate secure passwords, fixes issue #26 (#51)
70ca2e6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@NGTmeaty @kylecarbs @nhooyr @MichaelDesantis