|
|
|
|
|
|
by ozim
1003 days ago
|
|
|
So SAS tokens are worse that some admin setting up "FileDownloaderAccount" and then sharing its password with multiple users or using the same for different applications? I take SAS tokens with expiration over people setting up shared RBAC account and sharing password for it. Yes people should do proper RBAC, but point a company and I will find dozens "shared" accounts. People don't care and don't mind. When beating them up with sticks does not solve the issue SAS tokens while still not perfect help quite a lot. |
|
|