Y
Hacker News
new
|
ask
|
show
|
jobs
by
malcolmhere
3750 days ago
Well spotted - I kind of mangled that explanation. The risk being mitigated is if somebody gets a
dump
of your old emails. Short-lived reset tokens don't help if they have full access to you email account.