Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security issue]: Password bruteforcing #195

Open
BatisteDONDOGLIO opened this issue Jul 4, 2024 · 4 comments
Open

[Security issue]: Password bruteforcing #195

BatisteDONDOGLIO opened this issue Jul 4, 2024 · 4 comments

Comments

@BatisteDONDOGLIO
Copy link

Observed issue:

From the tests I've been conducting, it is fairly easy to bruteforce the password that's been set on a shared file, as the current implementation of Send doesn't prevent the user from trying incorrect passwords indefinitely without any restrictions.

Suggested security features:

  • Block the user's IP address after X failed attempts (I guess Fail2ban can do this)
  • Implement an exponential timeout period between each failed attempts (e.g.: After 5 failed attempts, timeout the user for 2 minutes, then on each subsequent failed attempts, increase that timeout to 4m, 8m, 16m.... etc)
  • Make the file expire instantly after X failed attempts
  • Enforce a secure password policy at the bare minimum (length, complexity...)
  • Offer to generate a random, secure password with the click of a button when setting the password (=>16 characters, random lowercase and uppercase letters, numbers and symbols)
  • Those are just basic ideas.

Final note:

Ideally, this could be all optional features that can be selected when uploading the file. This way, people who don't want to add extra security don't have to.

@reinoudb
Copy link

reinoudb commented Jul 5, 2024

Would be pretty cool. The only thing im not sure about is:
- Make the file expire instantly after X failed attempts
This would make it possible for someone to delete someone else shared files

@BatisteDONDOGLIO
Copy link
Author

Would be pretty cool. The only thing im not sure about is: - Make the file expire instantly after X failed attempts This would make it possible for someone to delete someone else shared files

You have a good point actually.
But as I've stated in the final note, all of these features would preferably have to be entirely optional, and not enforced by default.

So if a user explicitly wants to enable such a feature, they should be aware of the possible implications and/or drawbacks for doing so.

In any case, I just listed a few ideas that came into mind while writing up about the issue, so I'm sure there are better alternatives :)

@thmmsn
Copy link

thmmsn commented Jul 8, 2024

I disagree with enforcing password policies.

Fail2ban sounds like a better implementation.

@BatisteDONDOGLIO
Copy link
Author

I disagree with enforcing password policies.

Again, no enforcing.

Everything listed under the suggested features should be optional features.
Meaning the user decides whether or not to enforce a password policy for their files.

It should NOT be the default.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants