Y
Hacker News
new
|
ask
|
show
|
jobs
by
ThePowerOfFuet
1838 days ago
Correct, but it's generated only when they initiate the reset-password flow, and should be time-limited and only usable once. It's not stored in the database for long periods.