Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature Request] Mitigate Personal Identifiable Information (PII) Threat #34

Open
2 tasks
vzool opened this issue Jan 23, 2023 · 1 comment
Open
2 tasks

[Feature Request] Mitigate Personal Identifiable Information (PII) Threat #34

vzool opened this issue Jan 23, 2023 · 1 comment

Comments

@vzool
Copy link
Member

vzool commented Jan 23, 2023
edited
Loading

The LastPass security incident caused a data breach for encrypted user passwords vault and Personal Identifiable Information (PII) like Usernames & Email addresses and many others, which lead to staging a Phishing-Attack.

The Passky-Server currently has the same issue with PII with the following fields:

  • Username.
  • Email.

Those fields need to be eliminated that threat and maintain the system usability for the following functions like:

1- Resetting 2FA thru Email.
2- Send an email if someone else has signed to your account.

REF: Screenshot of LastPass security incident in case it got deleted somehow ^_^

screencapture-blog-lastpass-2022-12-notice-of-recent-security-incident-2023-01-23-15_29_50
@vzool
Copy link
Member Author

vzool commented Jan 26, 2023

Proposed Solution No. 1

Passky-Server Personally Identifiable Information (PII) Threat Mitigation

@vzool vzool changed the title [Feature Request] Eliminate Personal Identifiable Information (PII) Threat [Feature Request] Mitigate Personal Identifiable Information (PII) Threat Jan 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@vzool