Y
Hacker News
new
|
ask
|
show
|
jobs
by
petedoyle
498 days ago
Maybe they wanted some cached data to get invalidated if users change their passwords?
1 comments
duskwuff
497 days ago
Then use some other data which can act as a proxy for that, like the date of the last credential change. Using the password itself is a terrible security smell.
link