jweigelt/swbf2admin

Security issues

Closed this issue · 3 comments

Hello, I noticed two security issues.

  1. HTTPS is not supported, which causes the login/password to be sent in clear text on every HTTP request.

  2. Passwords are hashed with MD5 before being stored in the database. MD5 is not a secure hashing algorithm; a SHA-2 algorithm (e.g. SHA-256) could be used instead (not the best, but easy to implement and better than MD5), and the passwords should ideally be salted before being hashed.

I will try to implement these changes and submit a pull request, hoping you will accept it.

After some tests, https is in fact supported. Maybe it would be useful to warn that the use of an http prefix causes the passwords to be sent in clear text, since it is the default.

Anyway here is the pull request to replace MD5 with SHA256.

Thank you for your suggestions :)

I agree that MD5 was not the best choice for storing passwords. 7f9aa76 replaces MD5 with PBKDF2.

Standard http is mainly used for simplicity. I believe that most users of this application do not want to generate certificates (or even purchase them). That being said, auto-generating and installing a certificate might be a good idea, though I wouldn't prioritize it at the moment. Using self-signed certificates would also raise the issue of having some browsers block the website.

I will add a note to the readme to indicate that https can be enabled if desired.

Awesome, thank you!