|
|
|
|
|
|
by mindcrime
3973 days ago
|
|
|
Another area I'd suggest looking into is your "recover your account key" setup. If the keys really really are random, then this is probably fine. But if there's any flaw resulting in your generated keys being less than ideally random, somebody could have figured out a way to generate an account recovery key, and then used that to steal an administrative account. That is, assuming your administrative user even has that option. If it does, it might be a good idea to disable that, since you presumably have direct db access anyway, and can always backdoor your way in if you forget your own password. |
|
|
Unfortunately, the alternatives are unthinkable for everyone who isn't a programmer.