Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

make everything more secure! #32

Open
kmahar opened this issue Oct 19, 2017 · 2 comments
Open

make everything more secure! #32

kmahar opened this issue Oct 19, 2017 · 2 comments
Labels
enhancement help wanted
Milestone
release to public

Comments

@kmahar
Copy link
Collaborator

kmahar commented Oct 19, 2017

I worry that a tool designed to help people being harassed may become the target of harassers. so it would be great to have someone with an interest in security to go through the site and figure out and fix any potential vulnerabilities.
@kmahar kmahar added this to the release to public milestone Oct 19, 2017
@kmahar
Copy link
Collaborator Author

kmahar commented Nov 7, 2017

Some starting ideas for this:

  • use HTTPS for all our pages
  • sanitize all inputs to make sure malicious code cannot be inserted (this includes messages coming in via email)
  • require that users have longer/more secure passwords
  • 2 factor auth?

@amyxzhang
Copy link
Owner

Squadbox is now HTTPS everywhere!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement help wanted
Projects
None yet
Milestone
release to public
Development

No branches or pull requests
2 participants
@amyxzhang @kmahar