|
|
|
|
|
|
by downandout
4212 days ago
|
|
|
> Security is hard. Secuirty is hard. But activating tokens before a user has actually logged in is a breathtakingly incompetent, fundamental design flaw. How such code ever made it into the production code base of a company responsible for protecting billions of dollars along with financial information for a significant portion of the world is incomprehensible. It makes me wonder what else is lurking over there. |
|
|