You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Imagine your password expires and you're not allowed to set the password to one that was previously set.
A good work around would be to store the secret in token1.txt. Then, once you need a new password you can create a new password which will create token2.txt and store the state in a lookup table. I.e. "facebook.com" is now hashed with token2.txt. If let's say twitter.com also needs a new password, it will also use token2.txt. Once facebook.com needs a new password token3.txt will be created as a shared token.
Obviuosly the lookup table needs to be backed up. Maybe a clean-up process can delete all unused tokens? The idea is to have every password to default to token1.txt, however if there are only token3.txt references in the lookup table then token2.txt could be removed and token3.txt renamed to token2.txt although there is very little benefit for doing that. It's more a case of expiring an existing token when it's compromised or similar.
The text was updated successfully, but these errors were encountered:
Imagine your password expires and you're not allowed to set the password to one that was previously set.
A good work around would be to store the secret in token1.txt. Then, once you need a new password you can create a new password which will create token2.txt and store the state in a lookup table. I.e. "facebook.com" is now hashed with token2.txt. If let's say twitter.com also needs a new password, it will also use token2.txt. Once facebook.com needs a new password token3.txt will be created as a shared token.
Obviuosly the lookup table needs to be backed up. Maybe a clean-up process can delete all unused tokens? The idea is to have every password to default to token1.txt, however if there are only token3.txt references in the lookup table then token2.txt could be removed and token3.txt renamed to token2.txt although there is very little benefit for doing that. It's more a case of expiring an existing token when it's compromised or similar.
The text was updated successfully, but these errors were encountered: