Update 1.29: Security — sign-in code & audit
New:
Two-factor sign-in:
Every sign-in additionally requires a 6-digit code sent by email; it expires after ten minutes. “Stay signed in” lasts at most 30 days.
Security review:
A targeted security test checked tenant separation on all levels — with no findings; the activity feed strictly shows your own workspace only.
All security-relevant package updates were applied.
Fixes:
Automatically generated addresses handle umlauts correctly: “Bühne” becomes “buehne” instead of “bhne”.