I object in general to the widespread practice of using tokens that contain sema... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tptacek on July 5, 2012 \| parent \| context \| favorite \| on: Sqlmap: Automatic SQL injection and database takeo... I object in general to the widespread practice of using tokens that contain semantically interesting information protected by encryption.

ScottBurson on July 5, 2012 [–]

Got it. Didn't realize that was so widespread.

ontoillogical on July 5, 2012 | [–]

You'd be surprised to know how often it's just the username encoded in base64...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact