top | item 42957099 (no title) petedoyle | 1 year ago Maybe they wanted some cached data to get invalidated if users change their passwords? discuss order hn newest duskwuff|1 year ago Then use some other data which can act as a proxy for that, like the date of the last credential change. Using the password itself is a terrible security smell.
duskwuff|1 year ago Then use some other data which can act as a proxy for that, like the date of the last credential change. Using the password itself is a terrible security smell.
duskwuff|1 year ago