Felix Palmen :freebsd: :c64: @zirias@bsd.cafe
Public

There's a lot that could still be improved in , but I don't get that "proof of work" idea out of my mind, so I started a branch to work on it:

github.com/Zirias/swad/pull/1

I really think it makes sense when you want some publicly known "guest login" which is still protected against . Not sure yet whether this will succeed, we will see!

It certainly won't be as "fancy" as , but do the same thing functionally: Require the client to find a that, combined with a server-provided , hashes to something with 'n' leading zeros using . In contrast to anubis, swad won't have to proxy everything (but rely on nginx' auth_request), and no challenge will be issued when the user logs in with credentials some *other* credentials checker accepts.

Add a credentials checker that accepts the result of some "proof of work" (of the same kind used in "anubis") instead of a password. This should allow well-known "guest log...

Add "proof of work" credentials checker by Zirias · Pull Request #1 · Zirias/swad

Add a credentials checker that accepts the result of some "proof of work" (of the same kind used in "anubis") instead of a password. This should allow well-known "guest log...

github.com · GitHub

0
0
0

If you have a fediverse account, you can quote this note from your own instance. Search https://mastodon.bsd.cafe/users/zirias/statuses/114391300529246987 on your instance and quote it. (Note that quoting is not supported in Mastodon.)