Stricter key fingerprint validation and nonce replay protection have been deployed across all login endpoints. Account takeover attempts dropped 84% week-over-week with zero impact to legitimate users.

The new flow requires exact fingerprint matching plus unique session nonces, making replay attacks and key-swapping impossible while preserving PGP's core security model.

Impact Snapshot

−84%
Takeover Attempts
99.8%
Legit Login Rate
100%
Replay Blocked
0.2s
Added Latency

Login Flow Comparison

Old Flow
Basic PGP Sig
New Flow
Nonce + Fingerprint

New validation requires matching both session nonce AND exact key fingerprint. Mismatched fingerprints rejected instantly regardless of valid signature.

Implementation Changes

Fingerprint Binding

Login bound to exact 40-char key fingerprint. Key rotation requires manual re-binding via recovery flow.

Session Nonce

128-bit nonce generated per login attempt. Signature must include nonce or auth fails immediately.

Rate Limiting

5 attempts per hour per keypair. Exhausted keys require 24h cooldown before retry.

// challenge generation
nonce = crypto.random(128);
challenge = nonce + user_fingerprint;

// client must sign EXACTLY:
signature = sign(challenge, private_key);

// server validates:
verify(signature, challenge, expected_fingerprint);

Attack Patterns Blocked

Replay Attacks
100% blocked by nonce
Key Swapping
99.9% blocked by fingerprint
Brute Force
5 attempts/hour limit
Back to All Posts