Closed
Bug 1548920
Opened 5 years ago
Closed 5 years ago
Security Review of Password Generation
Categories
(Firefox Graveyard :: Security: Review Requests, task, P1)
Firefox Graveyard
Security: Review Requests
Tracking
(firefox70+ fixed)
RESOLVED
FIXED
People
(Reporter: MattN, Assigned: dveditz)
References
(Blocks 1 open bug, )
Details
(Whiteboard: [passwords:generation] [skyline][sci-exclude])
There isn't anything to review yet as we haven't started implementation but eventually I would like a review of:
- The password generation algorithm and implementation chosen to ensure there is enough entropy and no unnecessary bias in the generated passwords.
- Should we generate passwords in insecure forms?
- Should we cache by principal's origin across tabs?
I'll update this comment if there are more things to review and I'll email pi-request@ when the review can begin.
Thanks Matt - secreview has moved though. Send your email to secreview@mozilla.com (I'll give them a heads up).
|
Reporter | |
Updated•5 years ago
|
Flags: qe-verify-
|
|
Reporter | |
Comment 2•5 years ago
|
||
Email to the secreview list: https://groups.google.com/a/mozilla.com/d/topic/secreview/TW8iiTl09IM/discussion
|
||
Updated•5 years ago
|
|
|
||
Updated•5 years ago
|
QA Whiteboard: [skyline], feature
Whiteboard: [skyline]
|
|
Reporter | |
Updated•5 years ago
|
Whiteboard: [skyline] → [passwords:generation] [skyline]
|
|
Reporter | |
Updated•5 years ago
|
Assignee: nobody → dveditz
Status: NEW → ASSIGNED
|
|
Reporter | |
Updated•5 years ago
|
Priority: -- → P1
|
||
Updated•5 years ago
|
Whiteboard: [passwords:generation] [skyline] → [passwords:generation] [skyline][sci-exclude]
|
Assignee | |
Updated•5 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Comment 3•5 years ago
|
||
|
|
Assignee | |
Updated•5 years ago
|
|
||
Updated•4 years ago
|
Product: Firefox → Firefox Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•