# Return some error
    ...
```

But by using the `secrets.compare_digest()` it will be secure against a type of attacks called "timing attacks".

### Timing Attacks

But what's a "timing attack"?

Let's imagine some attackers are trying to guess the username and password.

And they send a request with a username `johndoe` and a password `love123`.

    # Einen Error zurückgeben
    ...
```

Aber durch die Verwendung von `secrets.compare_digest()` ist dieser Code sicher vor einer Art von Angriffen, die „Timing-Angriffe“ genannt werden.

### Timing-Angriffe

Aber was ist ein „Timing-Angriff“?

Stellen wir uns vor, dass einige Angreifer versuchen, den Benutzernamen und das Passwort zu erraten.

# limitations under the License.
# ==============================================================================
source "${BASH_SOURCE%/*}/utilities/setup.sh"

      slowFactorials[i] = RANDOM_SOURCE.nextInt(factorialBound);
      binomials[i] = RANDOM_SOURCE.nextInt(factorials[i] + 1);
    }
  }

  /** Previous version of BigIntegerMath.factorial, kept for timing purposes. */
  private static BigInteger oldSlowFactorial(int n) {
    if (n <= 20) {
      return BigInteger.valueOf(LongMath.factorial(n));
    } else {
      int k = 20;

# limitations under the License.
# ==============================================================================
source "${BASH_SOURCE%/*}/utilities/setup.sh"

  if [[ "$new_wheel" != "$wheel" ]]; then
    rm "$wheel"
    wheel="$new_wheel"
  fi

  TF_WHEEL="$wheel" bats /usertools/wheel_verification.bats --timing

    # Return some error
    ...
```

Porém, ao utilizar o `secrets.compare_digest()`, isso estará seguro contra um tipo de ataque chamado "timing attacks" (ataques de temporização).

### Ataques de Temporização

Mas o que é um "timing attack" (ataque de temporização)?

Vamos imaginar que alguns invasores estão tentando adivinhar o usuário e a senha.

	success := lm.unlock(isWriteLock)
	if !success {
		panic("Trying to Unlock() while no Lock() is active")
	}
}

// RUnlock releases a read lock held on lm.
//
// It is a run-time error if lm is not locked on entry to RUnlock.
func (lm *LRWMutex) RUnlock() {
	isWriteLock := false
	success := lm.unlock(isWriteLock)
	if !success {
		panic("Trying to RUnlock() while no RLock() is active")
	}
}

      slowFactorials[i] = RANDOM_SOURCE.nextInt(factorialBound);
      binomials[i] = RANDOM_SOURCE.nextInt(factorials[i] + 1);
    }
  }

  /** Previous version of BigIntegerMath.factorial, kept for timing purposes. */
  private static BigInteger oldSlowFactorial(int n) {
    if (n <= 20) {
      return BigInteger.valueOf(LongMath.factorial(n));
    } else {
      int k = 20;

// Events have a limited retention time and triggers and messages may evolve
// with time.  Event consumers should not rely on the timing of an event
// with a given Reason reflecting a consistent underlying trigger, or the
// continued existence of events with that Reason.  Events should be
// treated as informative, best-effort, supplemental data.
message Event {