Y
Hacker News
new
|
ask
|
show
|
jobs
by
paxys
376 days ago
Especially since the request contains the user's (hashed) passwords. You definitely don't want to be holding that on the server for longer than necessary.