|
|
|
|
|
|
by unscaled
2524 days ago
|
|
|
No, this is not what I'm saying. Nobody is asking you to store passwords in cookies. JWT is just a badly designed standard which like many other badly designed standards (XMLDsig, older versions of TLS) can be used safely if you choose the safest subset you can and tread with care. But there are faster, simpler and more secure replacement for JWT nowadays like PASETO. If you can, you should use them. |
|
|