All non alphabets and non numbers are treated as spaces in password . #43
Assignees
Labels
bug
Something isn't working
good first issue
Good for newcomers
help wanted
Extra attention is needed
security
Comments
Anish-M-code
added
bug
|
hey, I would like to contribute to this please assign me this. |
|
@vishisht08 Sure. |
|
@vishisht08 Are you still interested on working on this issue? @gowtham758550 i guess pysecret integration is quite offering very limited support to this project, in terms of password restrictions. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Due to pysecret integration all non alphabets and non numbers are treated as spaces in password which is used to derive key to encrypt the password store , this reduces the security of password manager. It is recommended to remove pysecret integration to fix this issue.
We should use password key derivation function like pbkdf2_hmac from hashlib to derive key securely.
Due to time and budget constraints , we can wait for some sponsor to fund us to fix this issue or make this project available to open source communities like up-for-grabs or open source friday or even during events like Hactoberfest.
The text was updated successfully, but these errors were encountered: