This repository has been archived by the owner on Nov 22, 2022. It is now read-only.
Password protection for rooms #15
Labels
Comments
rclement
added
enhancement
|
Thanks for the feature request! Indeed, it seems like a sensible addition to increase room security one step further. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
While having the shared key in the hash part prevents Ephemere clients from sending it to your server, it does not prevent users from sharing the room URL on insecure channels, where the hash will be essentially in clear text.
For truly secure rooms, a separate form of authentication should be required, possibly in the form of a password from which a key that decrypts the room key can be derived.
The text was updated successfully, but these errors were encountered: