|
|
|
|
|
|
by munk-a
2653 days ago
|
|
|
There is a separate thread about security best practice learning that touches on the question of if the rote security knowledge we pass on is making it more likely that someone logs a password. I think a discussion around logging habits is much more relevant and while elasticsearch may have _also_ been misconfigured, pumping passwords into an internally viewable log file is a bad idea even if that file is well secured. |
|
|