0

Remove version information from login page

Tácio Andrade 7 years ago 0

I would recommend removing information like the TeamPass version on the login page, because with this information an attacker can more easily find security holes from the used version of the application (looking at Github itself) and make an attack.

I know that it is the administrator's fault if I do not update the application quickly, but I believe that a delay of a few days between launch, approval and update may be critical for attackers to be able to carry out attacks and obtain all information from a client for example.