Great work, I knew we have some security concerns on SteemConnect like it was saving the tokens on the system. Using HiveSinger are we targeting these securities as well?
Great work, I knew we have some security concerns on SteemConnect like it was saving the tokens on the system. Using HiveSinger are we targeting these securities as well?
Could you elaborate? I wasn't involved in past discussions or issue reports of SteemConnect, will ask @fabien if there was any security concerns or reports.
I am not a hundred percent sure if it's a SteemConncet issue or a Dapp issue that has coded it like it. What happens when the authentication token gets generated, they were storing that token. Now the issue is, if someone will have access to that system can get all the tokens which will be a security lapse.
Authentication tokens are security feature of Hivesigner, it provides apps ability to perform actions with your consent. These has expiry time and easily invalidated in case of breach. If breach happens none of the web applications are safe anyway.
That's one of the reasons Esteem focused on standalone desktop and mobile applications which gives user security they deserve without relying on any third party websites.