We take security seriously in the DNAPass Password Generator project. This document outlines how to report security vulnerabilities and our process for addressing them.
If you discover a security vulnerability in the DNAPass Password Generator, please report it privately to ensure responsible disclosure. Do not create a public issue for security-related matters.
-
How to Report:
- Email the maintainer at [email protected] with a detailed description of the vulnerability.
- Include steps to reproduce, potential impact, and any suggested fixes.
- Use the subject line:
[Security Vulnerability] DNAPass Password Generator.
-
What to Expect:
- We will acknowledge receipt of your report within 48 hours.
- We will investigate and provide updates on the resolution process.
- If the vulnerability is confirmed, we will work on a fix and release a patch as soon as possible.
- We will credit you (if desired) in the release notes or changelog, unless you prefer to remain anonymous.
The following versions of the DNAPass Password Generator are currently supported with security updates:
| Version | Supported | End-of-Life Date |
|---|---|---|
| 0.1.2 | ✅ | TBD (Est. August 2026) |
| 0.1.1 | ✅ | January 31, 2026 |
| < 0.5 | ❌ | - |
Older versions are not supported. Please upgrade to the latest version to ensure you receive security fixes.
To maximize the security of passwords generated by DNAPass:
- Use a password manager like Bitwarden to store generated passwords securely.
- Enable two-factor authentication (2FA) for critical accounts.
- Avoid reusing passwords across services.
- Regularly update passwords using high-length options (e.g., 128 characters).
For questions or further assistance, reach out to [email protected].
Thank you for helping keep DNAPass Password Generator secure! 🚀🔑