WingNews logo WingNews GitHub [2]
top | item 14395394

Ask HN: Best practice for public links that are private

1 points| zazaalaza | 8 years ago | reply

I'm trying to build a web app where users can share sensitive information with their trusted friends via a public link.

I'm thinking of making it password protected, so you need the link plus a code.

I want this feature so an attacker cannot just brute force all link combinations to get the user profiles.

I was wondering if there is a better way to do this than passwords

1 comment

order
[+] Chris2048|8 years ago|reply
an attacker can always BF all combinations, you just have to make the space so large they are unlikely to find anything.

Probably a good question for a Stack Overflow?