[DigitalPoint] Security 1.2.0.3

[theresa]

thanks to dear member @theresa updated [DigitalPoint] Security & Passkeys with a new update entry:

changelog

• Fixes an issue where certain (most) security keys couldn't properly authenticate as a two-step verification option.

Read the rest of this update entry...

 

[jessy]

thanks to dear member @jessy updated [DigitalPoint] Security & Passkeys with a new update entry:

changelog

I think this may have been the cause for a couple cases where an invalid Passkey record was saved to a user account. Previously, if an exception happened, it blindly accepted the null Passkey record as the new Passkey. If things went as expected (most cases) it wouldn't matter, but not everything always goes as expected. 🙂

• Added dataList-row--noHover class so background color doesn't change when the mouse moves over the table of two-step options a user has
• If an exception...

Read the rest of this update entry...

 

[jessy]

thanks to dear member @jessy updated [DigitalPoint] Security & Passkeys with a new update entry:

changelog

• Entropy for challenge changed from 192-bits to 768-bits
• All JavaScript has been rewritten to be "native" (does not use jQuery) in preparation for removal of jQuery in XenForo 2.3.

If you aren't using XenForo 2.3, you don't need to upgrade (might be some unmeasurable speed increase [think nanoseconds] when running its JavaScript since it doesn't dip into...

Read the rest of this update entry...

 

[jessy]

thanks to dear member @jessy updated [DigitalPoint] Security & Passkeys with a new update entry:

changelog

If you use the Days to auto-extend two-step device trust setting, the addon will always set the tfa_trust cookie when the user_remember record is extended (since we can't see the cookie duration on the server-side). Before we were only setting the cookie if the user_tfa_trusted.trusted_until value changed.

This will make it work as expected even if you had something unrelated (like a different addon) altering the user_tfa_trusted.trusted_until value (where you had a short cookie duration...

Read the rest of this update entry...

 

[jessy]

thanks to dear member @jessy updated [DigitalPoint] Security with a new update entry:

changelog

Passkeys are part of XenForo 2.3 natively now, so...

!!! VERY IMPORTANT !!!
If you upgrade to this version, Passkeys that were setup with previous versions of this addon will be deleted. Read that again if you didn't read it fully.

Existing Passkeys from this addon CANNOT be migrated to XenForo 2.3 native Passkeys (XF 2.3 uses resident keys, which allows things like passwordless login, so there's no upgrade path) and existing Passkeys created by previous versions of this addon will be...

Read the rest of this update entry...

 

[jessy]

thanks to dear member @jessy updated [DigitalPoint] Security with a new update entry:

changelog

Fixed issue with FontAwesome icons in XenForo 2.3
Removed enable/disable toggle for Passkeys on two-step page

Read the rest of this update entry...

 

[jessy]

thanks to dear member @jessy updated [DigitalPoint] Security with a new update entry:

changelog

Update link replacement function using regex

Read the rest of this update entry...

 

[Zechariah]

thanks to dear member @Zechariah updated [DigitalPoint] Security with a new update entry:

changelog

Sorry about the back to back releases. This is really only needed for XenForo 2.3 (previous release worked in 2.2 just fine).

Read the rest of this update entry...