10 months ago
Problem:
If steal my notebook or access railway.com in browser, the invasor can see my .env variables
Solution:
In settings page must be have a option with this functionality:
Enable 2FA in login = true|false
and/or time expiration of cookie auth/retry cookie auth
------
For critical application, like fintechs, health systems and etc
this could mean the startup/project going bankrupt
I love railway, I do not want to go to mainstream clouds, I followed the progress of railway together as a customer, loving the service offered and for sure in the near future we will grow together and stronger
Sorry my bad english, I leaning...
Thank you for your time and consideration. Sincerely, John Doe
Albert Keiyza
3 Replies
10 months ago
Hello,
We support 2FA, and you have it enabled.
I'm unsure of the issue you bring up, could you please clarify?
Though maybe this will be applicable? -
https://docs.railway.com/guides/variables#sealing-a-variable
Best,
Brody
Status changed to Awaiting User Response Railway • 11 months ago
brody
Hello, We support 2FA, and you have it enabled. I'm unsure of the issue you bring up, could you please clarify? Though maybe this will be applicable? - <https://docs.railway.com/guides/variables#sealing-a-variable> Best, Brody
10 months ago
Wow, I didn't know that functionality
I thank you for your patience and education
Railway is the best!
Status changed to Awaiting Railway Response Railway • 11 months ago
Status changed to Awaiting User Response Railway • 11 months ago
Status changed to Solved albertgabriel12 • 10 months ago