by Ferret7446
670 days ago
> a simpler system (like per-app passwords) can make a system overall more secure because there will be less mistakes being made

But a mistake WILL be made, because humans are fallible, and mistakes with a long lived bearer token can be extremely damaging, and can remain latent for a long period of time (e.g., password accidentally saved on disk and "deleted"). With proper OAuth, a lot of mistakes can be practically harmless (e.g., access token accidentally saved somewhere).