Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
petedoyle
1y ago
0 comments
Save
Share
Maybe they wanted some cached data to get invalidated if users change their passwords?
0 comments
1 comments · 1 top-level
top
newest
oldest
duskwuff
1y ago
Then use some other data which can act as a proxy for that, like the date of the last credential change. Using the password itself is a terrible security smell.
j
/
k
navigate · click thread line to collapse
