Hacker News
by pavpanchekha 5467 days ago
The URLs are usually time-linked, one-time, and service-specific, as opposed to the password, which 1) is permanent, 2) can be used without the user knowing, and 3) is likely to be used on other services as well.
1 comment

Also a legitimate user will notice when somebody resets their password, because their old password won't work any more.
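
Added example, not part of the thread: a minimal sketch of the properties the two comments describe, with a reset token that expires, works once, exists only in the issuing service's table, and whose use replaces the old password. The `Service` class, its method names and the one-hour `TTL_SECONDS` are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import secrets
import time

TTL_SECONDS = 3600  # assumed lifetime; the thread gives no figure


def _pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Service:
    """Hypothetical single service with in-memory account and token tables."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.accounts = {}  # user -> (salt, password hash)
        self.pending = {}   # sha256(token) -> (user, expiry); raw token is never stored

    def set_password(self, user, password):
        salt = os.urandom(16)
        self.accounts[user] = (salt, _pw_hash(password, salt))

    def login(self, user, password):
        if user not in self.accounts:
            return False
        salt, stored = self.accounts[user]
        return hmac.compare_digest(stored, _pw_hash(password, salt))

    def issue_reset(self, user):
        # Only the newest link for a user stays valid.
        self.pending = {d: e for d, e in self.pending.items() if e[0] != user}
        token = secrets.token_urlsafe(32)
        digest = hashlib.sha256(token.encode()).hexdigest()
        self.pending[digest] = (user, self.clock() + TTL_SECONDS)
        return token  # would be embedded in the e-mailed URL

    def redeem_reset(self, token, new_password):
        digest = hashlib.sha256(token.encode()).hexdigest()
        entry = self.pending.pop(digest, None)  # pop makes the token one-time
        if entry is None or self.clock() > entry[1]:
            return False  # unknown, already used, or expired
        self.set_password(entry[0], new_password)  # old password stops working
        return True
```

A token issued by one `Service` instance is unknown to any other instance, and a successful redemption makes `login` with the previous password fail, which is the signal the reply points to.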