|
|
|
|
|
|
by ridaj
2404 days ago
|
|
|
Altruistically, it trains users that it is ok, which it isn't. Selfishly, the author really does not want to be storing or even handling these kinds of credentials. It makes them a very juicy target for all kinds of bad actors. Imagine finding yourself in the middle of some kind of account hijacking nightmare that you have unwittingly enabled, having to deal with people who trusted you and have lost access to their account or have lost money because people accessed data in their account that allows for id theft. Basically people should treat passwords (even other people's passwords) as radioactive material and not attempt to handle them unless they really know what they're doing. |
|
|