Security Issue! Please replace insecure pins with 5*6 numbers (example: 12345-67890-12345-09876-54321-09876)
see discussion here: #754 (closed)
Quotation:
https://git.jami.net/savoirfairelinux/jami-daemon/-/blob/master/src/jamidht/archive_account_manager.cpp#L469 In this code, the pin is only used as the salt for a password. The salt and the key derivation function increases the security for a good password, but does not provide security at is own. Today, almost all passwords are secured by a salt and a key derivation function, and still bad passwords exist and they are a problem. In this example, if you do not provide a password, it is the worst possible password. But if you use no password for this and only a kind of "secret salt", you are indeed using the way too small pin (+ a timestamp, if you look closely) as the password which now has to be as secure as a real password. And in Jami, this password called "pin" called "salt" is way too small, even with a good key derivation function and a timestamp added. @sblin You have a big security issue in Jami. Please fix this by providing enough entropy for the "pin". A good way for this could be 30 numbers between 0 and 9, separated in groups of 5 chars, for example 12345-12345-12345-54321-54321-54321. This has more than enough entropy, is used in a similar way for Signals backup keys, and because of only using numbers, you cannot confuse I and l or 0 and O. Another way (only for english users - but you have users all over the world. So do not use this) would be the https://en.wikipedia.org/wiki/Diceware method. It uses dices with 1-6 numbers that are thrown 30 times to choose 6 random words that form a secure password. If this is secure, 30 random numbers between 0 and 9 are secure, too. Even more secure. So using a key like 12345-12345-12345-54321-54321-54321 would fix this problem and provide enough entropy for security.