Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

UltraSec (paranoid) Mode #5

Closed
7-of-9 opened this issue Apr 10, 2019 · 1 comment
Closed

UltraSec (paranoid) Mode #5

7-of-9 opened this issue Apr 10, 2019 · 1 comment
Labels
enhancement New feature or request security Web Wallet

Comments

@7-of-9
Copy link
Member

7-of-9 commented Apr 10, 2019

There should be a user option to activate a security one level higher than High Security: UltraSec.

If UltraSec=1 then document.hjs_mpk should not be persisted in any JS context. The user should be prompted for his MPK each time its hash is required and its value held in memory and nuked after use.

Note this is partially implemented / WIP re. <LoginForm... unlockMode=true>.
@7-of-9 7-of-9 added enhancement New feature or request security labels Apr 10, 2019
@7-of-9 7-of-9 changed the title UltraSec Mode UltraSec (paranoid) Mode May 10, 2019
@7-of-9
Copy link
Member Author

7-of-9 commented May 10, 2019

dupe #36

@7-of-9 7-of-9 closed this as completed May 10, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request security Web Wallet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@7-of-9