Could you elaborate? I wasn't involved in past discussions or issue reports of SteemConnect, will ask @fabien if there was any security concerns or reports.
You are viewing a single comment's thread from:
Could you elaborate? I wasn't involved in past discussions or issue reports of SteemConnect, will ask @fabien if there was any security concerns or reports.
I am not a hundred percent sure if it's a SteemConncet issue or a Dapp issue that has coded it like it. What happens when the authentication token gets generated, they were storing that token. Now the issue is, if someone will have access to that system can get all the tokens which will be a security lapse.
Authentication tokens are security feature of Hivesigner, it provides apps ability to perform actions with your consent. These has expiry time and easily invalidated in case of breach. If breach happens none of the web applications are safe anyway.
That's one of the reasons Esteem focused on standalone desktop and mobile applications which gives user security they deserve without relying on any third party websites.