-
Secrets Code Splitting
I setup the Angular application to have code-splitting for each route. I added pages to display the status of all portions of secrets, and edit database, encryption keys, and the cache server. Read More
-
Secrets UI
Busy day setting up secrets manager. Copied Angular project from error logs, implemented login/logout and basic UI. Needs work on database, encryption, and secure recovery. Delay of one day due to fatigue. Read More
-
Rate Limiting
For enhanced security, I’ve implemented account lockouts after failed login attempts to thwart brute-force attacks. Logins now feature progress spinners for smoother transitions, and automatic logout upon expired tokens. I’ve also blurred 2FA details for increased privacy, and added a button to streamline error reporting. Read More
-
Authentication Bearer
I created a login form and 2FA form, adding access controls to sensitive information within error logs. Endpoints were reconfigured to require a valid authorization header before allowing data to be returned. Read More
-
Editing Credentials
Today I created a form to edit the login credentials and two-factor authentication. I ported my 2FA class from PHP over to TypeScript, and displayed a QR Code to provision the secret into Google Authenticator. Read More
-
Key Recovery
Todays journey goes into key recovery in a simulated scenario where all keys have been deleted. I start a recovery process to reconfigure the database, two-factor authentication, and dropbox api token to import the backup keys. Read More
-
Two-Factor Authentication
Explore the intricate world of Two-Factor Authentication (2FA). Discover the role of QR codes in securely storing provisioning secrets and delve into the generation of Time-Based and Counter-Based one-time passwords. Learn strategies to mitigate security risks and navigate potential limitations in programming. Read More
-
Separating Services
Changes were made to store the secrets in a separate database rather than a JSON file to allow scalability and portability. An initial design had setup an over-engineered system for an enterprise. Then it was simplified, and further normalized. Read More