|
|
|
|
|
|
by mgbmtl
3529 days ago
|
|
|
The links usually expire after 24 hours (attack window), if unused. Loading the page without clicking does not invalidate the link. I agree this is not highly secure. It's basically one notch above sending cleartext passwords by email (which many websites unfortunately still do). |
|
|