mirror of
https://github.com/token2/fido2-manage.git
synced 2026-07-01 08:16:53 +00:00
Document security limitations of command-line PIN usage
Added a section on security limitations regarding command-line PIN parameters.
This commit is contained in:
@@ -97,6 +97,8 @@ For example, the following command should be used to set a PIN on a new device:
|
|||||||
./fido2-manage.sh -setPIN -device 1
|
./fido2-manage.sh -setPIN -device 1
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### Security Limitations of Command-Line PIN parameter ###
|
||||||
|
Due to limitations of command-line applications, sensitive parameters such as PINs may be exposed to other local users through process inspection mechanisms. Use fido2-manage only on systems where you have exclusive access and do not run it on shared or multi-user environments.
|
||||||
|
|
||||||
### Changes ###
|
### Changes ###
|
||||||
The changes implemented in our fork differ from the original code in the following ways:
|
The changes implemented in our fork differ from the original code in the following ways:
|
||||||
|
|||||||
Reference in New Issue
Block a user