Y
Hacker News
new
|
ask
|
show
|
jobs
by
tzhenghao
2966 days ago
Hmm why should passwords (hashed or not) be stored in logs though? I don’t see a reason for doing that. You could unset it (and/or other sensitive data) before dumping them into logs.
3 comments
Zombieball
2966 days ago
They shouldn’t. It was an unintentional bug
link
patrickthebold
2966 days ago
They shouldn't. It was a mistake.
link
Leka74
2966 days ago
Probably logging the HTTP/S requests, which included usernames & passwords in plaintext.
link