|
|
|
|
|
|
by gregmac
1400 days ago
|
|
|
This is an excellent point, but there's nuance to it. This seems like an acceptable solution for email and a lot of other PII. However, if you were to propose the same thing for passwords, with the same argument, I'd be dead against it -- even beyond the total lack of need for the system to ever have the actual password. I'm not quite sure how to explain this, though. |
|
|