Commit bcc1ffba authored by Daniel Thompson-Yvetot's avatar Daniel Thompson-Yvetot
Browse files

Merge branch 'main_publish_osi_proposed_changes' into 'main_publish' 

Remove anti-keylogging measures, requirement to encrypt swap and hibernation files

See merge request cyber/stan4cr2/en-304-618!24
parents d5ebbb96 f0121efb

EN-304-618.md

+2 −3
Original line number Diff line number Diff line
@@ -1687,7 +1687,7 @@ Master password authentication mechanism exposed without adequate protection aga 
-   **R1.3**: SHALL implement exponential backoff for failed authentication attempts

-   **R1.4**: SHALL clear master password from memory immediately after use

-   **R1.5a**: SHALL support multi-factor authentication as mandatory option

-   **R1.5b**: SHALL mask password entry fields and implement anti-keylogging measures

-   **R1.5b**: SHALL mask password entry fields



## 5.2 Password Database Storage
@@ -2043,8 +2043,7 @@ Insufficient encryption enforcement, compromised storage, or inadequate network 
-   **R13.2**: SHALL use TLS 1.3 for all network communications

-   **R13.3**: SHALL implement perfect forward secrecy for communications

-   **R13.4a**: SHALL clear sensitive data from memory after use

-   **R13.4b**: SHALL encrypt swap files and hibernation files

-   **R13.4c**: SHALL disable caching of decrypted credentials

-   **R13.4b**: SHALL disable caching of decrypted credentials



## 5.14 Availability Protection