authenticate_by: Prevent timing-based enumeration of users.

With the introduction of authenticate_by in Rails 7.1, we can now prevent enumeration attacks based on response times.

An enumeration attack based on response times is what I showed above. An attacker can brute-force a list of email addresses and tell whether each one exists in our database simply by analyzing the response time of the HTTP request to our web application. The leak comes from the usual pattern of find_by followed by authenticate: when no user matches the email, the request returns without hashing anything, but when a user does match, BCrypt has to hash the submitted password before it can be rejected, which takes measurably longer. authenticate_by removes that difference by performing the same password-hashing work whether or not a matching record exists.

A very simple example using the above code would give us response times like this:
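The following is an added example and is not code from the article or from Rails itself. It models the two login paths in plain Ruby so the difference can be measured without a Rails app: an in-memory USERS hash stands in for the users table, stdlib PBKDF2-HMAC-SHA256 (slow_digest) stands in for BCrypt, and the names vulnerable_authenticate, authenticate_by, DUMMY_SALT and hash_calls_for are all assumed for this illustration. The hardened function mirrors what Rails 7.1's User.authenticate_by(email:, password:) does on a miss, which is to run the submitted password through the digest anyway and then return nil.

```ruby
require "openssl"
require "securerandom"

# Hypothetical stand-in for BCrypt (assumption: stdlib PBKDF2-HMAC-SHA256 so the
# script runs without the bcrypt gem). The iteration count is high on purpose so
# the hashing is the dominant cost, as it is with BCrypt in a real app.
ITERATIONS = 50_000
DIGEST_LEN = 32

# Counts every run of the slow hash; it shows which code path does the work.
$hash_calls = 0

def slow_digest(password, salt)
  $hash_calls += 1
  OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: ITERATIONS,
                           length: DIGEST_LEN, hash: "sha256")
end

# Constant-time byte comparison, so the digest check itself leaks nothing.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Minimal model of a has_secure_password record (constructed, not ActiveRecord).
User = Struct.new(:email, :salt, :password_digest) do
  def authenticate(password)
    secure_equal?(slow_digest(password, salt), password_digest) ? self : false
  end
end

def build_user(email, password)
  salt = SecureRandom.random_bytes(16)
  User.new(email, salt, slow_digest(password, salt))
end

# Constructed sample data standing in for the users table.
USERS = { "alice@example.com" => build_user("alice@example.com", "correct horse") }.freeze

# Salt used only to burn the same hashing time when no user matches.
DUMMY_SALT = SecureRandom.random_bytes(16)

# Before: the classic find_by followed by authenticate. An unknown email returns
# before any hashing happens, so a miss is measurably faster than a hit.
def vulnerable_authenticate(email, password)
  user = USERS[email]
  return nil unless user
  user.authenticate(password) || nil
end

# After: mirrors Rails 7.1's User.authenticate_by(email:, password:). On a miss,
# Rails builds a record with the submitted password, which runs the digest through
# has_secure_password; here we hash against a dummy salt so hits and misses cost
# the same amount of work.
def authenticate_by(email, password)
  user = USERS[email]
  if user
    user.authenticate(password) || nil
  else
    slow_digest(password, DUMMY_SALT)
    nil
  end
end

# Number of slow hashes performed by the block; deterministic, unlike wall-clock.
def hash_calls_for
  before = $hash_calls
  yield
  $hash_calls - before
end

def timed(label)
  start = Process.clock_gettime(Process::CLOCK_MONOTONIC)
  result = yield
  ms = (Process.clock_gettime(Process::CLOCK_MONOTONIC) - start) * 1000
  puts format("%-48s %7.1f ms", label, ms)
  result
end

if $PROGRAM_NAME == __FILE__
  timed("vulnerable: existing email, wrong password") { vulnerable_authenticate("alice@example.com", "nope") }
  timed("vulnerable: unknown email") { vulnerable_authenticate("nobody@example.com", "nope") }
  timed("authenticate_by: existing email, wrong password") { authenticate_by("alice@example.com", "nope") }
  timed("authenticate_by: unknown email") { authenticate_by("nobody@example.com", "nope") }
end
```

Run it with ruby and compare the four lines: the vulnerable path shows a near-zero time for the unknown email against tens of milliseconds for the known one, while the authenticate_by path shows roughly equal times for both. The hash_calls_for helper gives the same fact without depending on the clock: the vulnerable function hashes zero times on a miss, the hardened one exactly once on both a hit and a miss.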
Original article: https://www.rubyonrails.ba/single/authenticate_by-prevent-timing-based-enumeration-of-users

Nezir Zahirovic

Contractor Ruby On Rails (8+ years) / MCPD .Net / C# / Asp.Net / CSS / SQL / (11 years)
