Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is why it's a bad idea to provide passwords via arguments to commands. For example:

  mysql --user=root --password=iluvmuffy44


I was appalled when an application - one we paid a lot of money for - did just that by default.

Which is funny because their app sits on top of WebLogic which provides an easy-peasy way of encrypting the passwords. The vendor either doesn't know enough about WLS to make it happen or they don't care.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: