Bernd May

  • Registered on: 2010-07-22
  • Last connection: 2012-11-02

Activity

Reported issues: 1

2012-11-02

00:32 Redmine Feature #12296 (New): Add HSTS enforcement support to Redmine
During initial HTTPS session setup an attacker is able to run a MitM SSLStrip attack agains a client connecting to th...

2012-10-28

21:06 Redmine Feature #11542: Improve password security and use some standards.
While you might not call it brute forcing, when using a large dictionary it essentially is. Every second thus gained ...

2010-08-23

23:34 Redmine Open discussion: Security Audit of Redmine
Hey, I am fairly new to web app deployment but one issue just keeps nagging at me since I began with redmine in our c...

Also available in: Atom