|
|
|
|
|
|
by tony_codes
1237 days ago
|
|
|
Thanks for the feedback! The hash is actually used to derive an actual key using PBKDF2 -- the library used is https://cryptojs.gitbook.io/docs/ Also, I'm interested if you see an attack vector on the authentication method. One thing to note is that even if an attacker can authenticate successfully they still have no access to the user private data without brute forcing the master password. |
|
|