Salt generation is currently done by filling up [256]byte slice with random data, and then converting it directly to a string.
Because of this method, each character can only be between 0 and 256 in its value, which is limiting in its security. To improve this, it should be seen if UTF-8 or UTF-16 can be used in the POST data for the salt, and if so a string using that data should be generated instead and sent with the heartbeat.
Salt generation is currently done by filling up [256]byte slice with random data, and then converting it directly to a string.
Because of this method, each character can only be between 0 and 256 in its value, which is limiting in its security. To improve this, it should be seen if UTF-8 or UTF-16 can be used in the POST data for the salt, and if so a string using that data should be generated instead and sent with the heartbeat.