Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JWT randomness does not meet the expected degree #244

Closed
1 task done
iviczl opened this issue Jan 8, 2018 · 0 comments
Closed
1 task done

JWT randomness does not meet the expected degree #244

iviczl opened this issue Jan 8, 2018 · 0 comments
Assignees
@iviczl
Labels
bug
Milestone
Sprint 149

Comments

@iviczl
Copy link
Contributor

iviczl commented Jan 8, 2018
edited

The product generates JWT tokens that has a minor flaw. With a brute force method some hackers may can produce tokens that is accepted by the server side.

Acceptance criteria:

  • the generated jwt is random enough
@iviczl iviczl added this to the Sprint 149 milestone Jan 8, 2018
@iviczl iviczl self-assigned this Jan 8, 2018
@iviczl iviczl added the bug label Jan 8, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@iviczl iviczl

Labels
bug
Projects
None yet
Milestone
Sprint 149
Development

No branches or pull requests
2 participants
@tusmester @iviczl