Pixelfed: Security Features

Created on 17 May 2018  路  3Comments  路  Source: pixelfed/pixelfed

  • [x] ~bcrypt password hashing~
  • [x] OAuth / Authorized Applications
  • [x] ~Option to verify email before account can do anything~
  • [x] Option to require TLS by default (including remote apis)
  • [x] ~Two Factor Auth~
  • [x] ~Account Audit Log~
  • [x] ~Show Active Sessions in Security Settings~
  • [x] Usernames are retired after user deletes account
  • [x] ~Close new registrations~
  • [x] Restrict new registrations to invite-only
  • [x] Restrict new registrations to domain specific email addresses
Mid 馃捈 WIP 馃敀 Security

Most helpful comment

Please also support WebAuthn/U2F login using hardware security tokens. While it works great with GitHub and GitLab the Fediverse is lacking that support. See also https://github.com/tootsuite/mastodon/issues/562

All 3 comments

Also looks like I am not able to delete my account.

@nailyk-fr It is a WIP!

Please also support WebAuthn/U2F login using hardware security tokens. While it works great with GitHub and GitLab the Fediverse is lacking that support. See also https://github.com/tootsuite/mastodon/issues/562

Was this page helpful?
0 / 5 - 0 ratings

Related issues

arjenpdevries picture arjenpdevries  路  4Comments

gerhardbeck picture gerhardbeck  路  3Comments

lanodan picture lanodan  路  3Comments

davidpgil picture davidpgil  路  3Comments

Sarkasper picture Sarkasper  路  5Comments