[Svn] [roundcube/roundcubemail] 3d9798: Make brute force attacks harder by re-generating s...

GitHub noreply at github.com
Mon Sep 28 08:59:11 CEST 2015

  Branch: refs/heads/release-1.1
  Home:   https://github.com/roundcube/roundcubemail
  Commit: 3d9798da1f9d130abffad3cb429ac3be677791c5
  Author: Aleksander Machniak <alec at alec.pl>
  Date:   2015-09-28 (Mon, 28 Sep 2015)

  Changed paths:
    M program/lib/Roundcube/rcube.php

  Log Message:
  Make brute force attacks harder by re-generating security token on every failed login (#1490549)

Or more precissely use the same we did in git-master, i.e. do not base the token on
session ID, but use random bytes instead.

More information about the svn mailing list