\begin{result}
Password are stored in database using the PHP function \texttt{crypt}. Internally, this
- function uses salted MD5. This is way too reverse with brute-force attacks using dictionary files.
+ function uses salted MD5. This is way easy too reverse with brute-force attacks using dictionary files.
Instead it would be better to use the \texttt{argon2} password hashing algorithm
or the PHP \texttt{password\_hash} function (which currently uses BCRYPT).
\item Email validation, to harden brute force email address discovery
\item Installation database check, to prevent guessing attacks for the database password
\item Login, to prevent login guessing
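Review bot: the replacement line still reads "way easy too reverse", so the typo "too" for "to" survives the fix; suggest "This is far easier to reverse with brute-force attacks using dictionary files." While here, "Password are stored" should be "Passwords are stored", and the untouched sentence "Internally, this function uses salted MD5" should be qualified, since PHP's \texttt{crypt} selects the algorithm from the salt prefix passed to it, so the MD5 claim only holds for the specific salt format the application uses.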
- \item And comment submission, to prevent spam, phishing et cetera (by using CAPTCHA).
+ \item And comment submission, to prevent spam, phishing et cetera (by
+ using some CAPTCHA software).
\end{itemize}
\end{result}
\end{verbatim}
This implies making the configuration file readable for all users on the
system. This information should not be accessible for any user other than
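Review bot: the new wording "by using some CAPTCHA software" is vaguer than the original "by using CAPTCHA" and adds nothing; if the line was split only for length, keep "(by using a CAPTCHA)" and consider "etc." in place of "et cetera" to match the other list items. The break after "by" is harmless in LaTeX but the line could be split after "phishing" instead.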
- running the PHP script.
+ the one running the PHP script.
\end{result}
\item
\begin{result}
No password strengthening measures are implemented. The app should
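Review bot: the added "the one" fixes the missing subject, but the surrounding sentence still mixes prepositions; suggest "This information should not be accessible to any user other than the one running the PHP script." and, in the previous sentence, "readable by all users" rather than "readable for all users".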
- use some password strength estimator like \texttt{zxcvbn}.
+ use some password strength estimator like \texttt{zxcvbn}\footnote{\url{https://github.com/dropbox/zxcvbn}}.
\end{result}
\item
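Review bot: the new \footnote uses \url, so the preamble needs the \texttt{url} or \texttt{hyperref} package loaded or the build will fail; please confirm it is included. Also "No password strengthening measures" reads oddly; "No password strength requirements are enforced" states the finding more precisely, and the recommendation could mention a minimum length alongside the \texttt{zxcvbn} estimator.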