Hacker News
by mikegerwitz 3414 days ago
> Maybe a single-read secret or something.

I like this idea. As a benefit, you wouldn't have to rely on developers of individual services to make sure the secret is cleared. This would also have the benefit of causing an error if something else happened to read the secret before the intended service, indicating a possible compromise (or maybe just a misconfiguration).

(I use a similar concept with `xclip -l' to allow reading passwords from the clipboard a single time before it quits.)
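One way to get the provider-enforced behaviour discussed above, as an added example that is not part of the original comment: a Unix domain socket that serves a secret to exactly one client, then removes the endpoint and overwrites its own copy, so a second reader gets an error. The function names, socket file name, and sample secret are all constructed for illustration.

```python
import os, socket, tempfile, threading

def serve_once(path, secret, ready):
    """Provider: hand `secret` (a bytearray) to the first client, then destroy it."""
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    srv.bind(path)            # assumes the parent directory is private (mode 0700)
    srv.listen(1)
    ready.set()
    conn, _ = srv.accept()
    srv.close()               # stop accepting before releasing the secret
    os.unlink(path)           # later readers find no endpoint at all
    with conn:
        conn.sendall(secret)
    secret[:] = bytes(len(secret))   # overwrite the provider's own copy

def read_secret(path):
    """Consumer: a missing endpoint means something else read the secret first."""
    c = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        c.connect(path)
    except (FileNotFoundError, ConnectionRefusedError) as exc:
        c.close()
        raise RuntimeError("secret already consumed: possible compromise "
                           "or misconfiguration") from exc
    with c:
        chunks = []
        while (buf := c.recv(4096)):
            chunks.append(buf)
    return b"".join(chunks)

def demo():
    # mkdtemp() creates a directory only the current user can enter.
    path = os.path.join(tempfile.mkdtemp(), "secret.sock")
    secret = bytearray(b"constructed-sample-secret")   # constructed sample value
    ready = threading.Event()
    t = threading.Thread(target=serve_once, args=(path, secret, ready))
    t.start()
    ready.wait()
    first = read_secret(path)      # the intended service reads successfully
    t.join()
    try:
        read_secret(path)          # any later read fails loudly
        second = "ok"
    except RuntimeError:
        second = "refused"
    return first, second, bytes(secret)

if __name__ == "__main__":
    print(demo())
```

If the intended service is the one that hits the `RuntimeError`, that is the signal described in the comment: something else got to the secret first.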