mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
e95c6a294d
* [HOTFIX] Prevent Username Enumeration * thanks to TheHllm for identifying the bug: https://github.com/TheHllm * temporarily prevents username enumeration with file auth * proper calculated and very slightly random fix to come * closely replicate behaviour * allow error to bubble up * Synchronize security documentation. Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
14 lines
644 B
Markdown
14 lines
644 B
Markdown
# Security
|
|
|
|
Authelia takes security very seriously. We follow the rule of
|
|
[responsible disclosure](https://en.wikipedia.org/wiki/Responsible_disclosure), and we
|
|
encourage the community to as well.
|
|
|
|
If you discover a vulnerability in Authelia, please first contact **clems4ever** on
|
|
[Matrix](https://riot.im/app/#/room/#authelia:matrix.org) or by
|
|
[email](mailto:clement.michaud34@gmail.com).
|
|
|
|
For details about security measures implemented in Authelia, please follow
|
|
this [link](https://docs.authelia.com/security/measures.html) and for reading about
|
|
the threat model follow this [link](https://docs.authelia.com/security/threat-model.html).
|