Y
Hacker News
new
|
ask
|
show
|
jobs
by
nmadden
609 days ago
Exactly that. (Hijack session rather than account: any competently designed system should require re-auth before any action that would allow permanent account takeover).