Story

How Not to Write an API

Preview

Deeper problem (Score: 5, Insightful)

by mth@pipedot.org on 2014-03-10 15:06 (#CG)

It is not just a bad idea to return a password through an API; a properly designed application wouldn't even be able to offer such an API call because it would store password hashes instead of actual passwords.

Re: Deeper problem (Score: 5, Informative)

by bryan@pipedot.org on 2014-03-10 15:08 (#CJ)

And don't forget to salt them too! Lots of people always seem to forget the salt.

Moderation

Time Reason Points Voter
2014-03-10 20:47 Informative +1 bryan@pipedot.org
2014-03-10 16:17 Funny +1 danieldvorkin@pipedot.org
2014-03-11 07:37 Informative +1 hager@pipedot.org
2014-03-10 17:38 Informative +1 jeditrainer@pipedot.org
2014-03-11 00:30 Informative +1 ricardo@pipedot.org

Junk Status

Not marked as junk