Password Pusher: Cyber Monday 2024 40% off any plan
Cyber Monday Sale
Get 40% off any pwpush.com plan.
Offer ends Monday.
Use code BLKFRIDAYX2024
This newsletter is special for Cyber Monday but I’ll include few recent updates:
pwpush.com
New Account Menu
When you click your Account name in the top right of the application, there is now an improved navigation menu. The previous design was causing some confusion so I hope this helps out.
Updated Policy & Settings Page
There is also an updated "Policy & Settings" page in the above mentioned menu. It includes a better layout and you can now set preferences for Requests.
Open Source
The open source version is wrapping up a security audit by PT Security. This has resulted in a a bunch of improvements and a CVE being filed with a fix in v1.49.0.
Once this is wrapped up, PT Security has offered to provide a public audit report that I can post publicly.
A community user @igniter07 also reported a potential Cross-site Scripting (XSS) Vulnerability now also filed as a CVE and fixed in v1.48.1.
Other recent updates include:
Account locking after 10 failed attempts
Increased cookie security & serialization
Shortened login sessions (this is a security tool after all)
Increased minimum password length required for sign up
V2
There is also a v2 branch now in progress with an overhaul of backend items that are overdue for an update. I’ll write more about this in the next newsletter as it progresses.
As always, if you need anything, feel free to contact me anytime at support@pwpush.com.
Thanks for reading!
Peter Giacomo Lombardo
See Also
- Password Pusher on Github & Docker Hub
- Configuration Guide for Password Pusher
- Support Password Pusher and get $200 in cloud credits by signing up to Digital Ocean with this link
