Encourage non-default instance salt
Problem:
Instance administrators need to set a custom loginSalt before running
CryptPad in a production environment. This value is supposedly only
rarely changed from the default.
Consequences:
The loginSalt makes it such attackers who want to brute-force common
credentials must do so again on each CryptPad instance that they wish to
attack. If loginSalt is the default one, then there is no protection
against this.
Suggestions:
-
Mention the
loginSaltmore prominently in the documentation. -
Write an installation script that initializes this salt to a random value.