New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feature] Add Timeout for long execution #56

Open

abonne01 opened this issue May 20, 2021 · 1 comment

abonne01 commented May 20, 2021

Hello,

I'm scanning with this lib all my passwords. But tome of them are token/keys, which are quite long.
Analyze them can take sometimes more than 30min.

Could you add timeout parameter? or a check for length ?

Thanks a lot.

abonne01 changed the title ~~Timeout~~ [feature] Add Timeout for long execution

Tostino commented Jan 26, 2023

I'd prioritize this feature, or something similar.

I've had user reports of crafted passwords causing stackoverflows, so bounding the runtime / problem space is necessary.
I also found a repo by a government contractor that contains exploits to help attack programs which use zxcvbn based algorithms for password strength: https://github.com/twosixlabs/acsploit/commits/fd5602adf9f312482b8010abf6b4691f08929bc4/acsploit/exploits/passwords/zxcvbn.py

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment