Will It Vibe logoWill It Vibe?
CRYPTO-023High severity-15 points

Weak RSA key size (< 2048 bits)

Part of Security, which counts for 30% of the overall score. When this check fires it deducts 15 points from that category, once per scan, no matter how many places it turns up.

What it detects

An RSA key is generated with fewer than 2048 bits. 1024-bit RSA is considered breakable; 2048 is the modern minimum and 3072+ is recommended for long-lived keys.

Why it matters

RSA keys below 2048 bits are within reach of well-resourced attackers; 1024-bit RSA is considered breakable and has been deprecated across standards. A weak key undermines every signature and every encryption that relies on it. Keys tend to live for years, so a weak one issued now stays exploitable for a long time.

How to fix it

Generate RSA keys at 2048 bits minimum, and 3072 or 4096 for long-lived or high-value keys. For new systems consider Ed25519, which is faster and safe at a small key size. Regenerate and rotate any key already created below 2048 bits, and re-issue anything signed with it.

The paid report includes a ready-to-paste prompt for your AI coding agent for every check it finds, pointed at the exact findings from your scan. See pricing

Does your repo trip this check?

Paste a GitHub URL or drop a project folder. Scans run in your browser and take seconds.

Scan your repo

Related Security checks