ACSP Suggestion 2022.6: Increase API Token Length
Submitted On: 17 February 2022
Description: After stripping the “API” and “-” characters the token has only 16 characters, each character having 36 unique values. Double the current length to 32 variable characters.
Value to Community: Longer token aligned to other API implementations will make the tokens more difficult to brute force.
Timeframe: Not specified
Status: Open Updated: 23 February 2022
23 February 2022
Thank you for your suggestion, numbered 2022.6 on confirmed receipt, requesting that we extend the length of API tokens to 36 characters to make them less susceptible to brute force attacks. We agree this would be a helpful change and increase the security of the API tokens. We will place this suggestion on the list for prioritization for the 2023 Engineering Roadmap.
Thank you for participating in the ARIN Consultation and Suggestion Process. Your suggestion will remain open until implemented.