aboutsummaryrefslogtreecommitdiff
path: root/README.md
diff options
context:
space:
mode:
authorpandaninjas <101084582+pandaninjas@users.noreply.github.com>2022-12-25 05:43:37 +0000
committerGitHub <noreply@github.com>2022-12-25 05:43:37 +0000
commit2a1fe0acf80a8f67b710a65f936a9c6c1fa2219d (patch)
tree0b231d17c7c9ff4307073660cfcda851d4e6166f /README.md
parent9bfb4050a7061cf7ef0467c0c583c6efd0243899 (diff)
downloadNoSession-2a1fe0acf80a8f67b710a65f936a9c6c1fa2219d.tar.gz
NoSession-2a1fe0acf80a8f67b710a65f936a9c6c1fa2219d.tar.bz2
NoSession-2a1fe0acf80a8f67b710a65f936a9c6c1fa2219d.zip
Update README.md
Diffstat (limited to 'README.md')
-rw-r--r--README.md2
1 files changed, 1 insertions, 1 deletions
diff --git a/README.md b/README.md
index c2c3a57..2a68761 100644
--- a/README.md
+++ b/README.md
@@ -7,7 +7,7 @@ This mod doesn't make you 100% safe, but it makes it much harder to steal your s
## Staying Safe
In order to work around an unpatchable security vulnerability, rename the NoSession jar to !.jar so it can load its protection before any other mods.
This only protects you from other mods. There are fake verification sites that can steal your session ID through that method. Don't login with Microsoft
-OAuth to anything except maybe your Minecraft launcher.
+OAuth to anything except maybe your Minecraft launcher. You may also want to verify the signature on any NoSession binary. It's signed with [pandaninjas' GPG key](https://raw.githubusercontent.com/pandaninjas/pandaninjas/main/pandaninjas-publickey.key).
## Bug bounty
See [SECURITY.MD](security.md)