by crescentfresh 2999 days ago
Unrelated, but this reminded me of my very first real, salaried developer job where I added logging to the web application. I remember logging failed password attempts specifically; I didn't give a second thought to simply logging the values of all form fields, seemed easiest at the time in case the developer changed the names of the fields.

It wasn't until a review by one of the senior devs who saw passwords in the log files - and with eyebrows raised asked "wth are you doing" - that it dawned on me, "oops". I'm glad that never made it out to production.

1 comments

Out of curiosity, did you look at the end-result log files yourself before the review?

I did! I however did NOT fail to enter my credentials correctly locally, and the rest of the logs were filled with random forms submitted during testing.

"Yep, all looks good on my machine!"