Tag: auth

Release: Gitea 1.14.0

Today marks the release date of the Gitea 1.14.0, only a few days after the release of the patch version 1.13.7. Although 1.14.0 is a minor release from the semver's perspective, it contains a lot of changes. I decided to add comments on the Features I am the most excited about. …

Are OTP secrets stored in plaintext

What happens with OTP secrets when a user database get leaked? Could the attacker use them to gain your other sensitive information? How are they even stored on the server? Storing password# One of the widely used method to log into some service day is still via form of a passwo…