668
edits
BrowserID Key Wrapping: Difference between revisions
→Security Considerations
| Line 57: | Line 57: | ||
== Security Considerations == | == Security Considerations == | ||
It's worth noting that the data stored on the service (e.g. Sync) is not vulnerable to low-entropy passwords, because it is encrypted with a user-key. However, the wrapped user key stored on the BrowserID service may be vulnerable if the user's password is not sufficiently secure. Finding a good, usable way to obtain a secure password will be very useful. | |||
== Further Work == | == Further Work == | ||