Hacker News new | past | comments | ask | show | jobs | submit login

Nobody is talking about it, but to compromise someone, you also need the username, which is not sent.



Ah, that's true. In any case, I don't think this is really a reasonable vector of attack, I was just being pedantic at jgc's "the password is not sent" comment.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: