Network security update: domain-server now resistant to replay attack


#1

We just merged a PR to improve the security of the domain-server, namely to prevent impersonation (replay) attacks. A unique connection token is now appended to your username before it is encrypted in the system, so an attacker cannot sign in again with your same credentials.

For anyone interested in the details of the improvements, check out the PR here.

These changes won’t be visible, but let me know if you experience any strange connection behavior or see any RSA or decryption-related error messages.

(note: you will need to update your domain-server and client)