In theory, everyone knows what's the best (or at least a good enough) way to do something like this.
In practice, there's a lot more things involved leading to stupid decisions like this. Something that was supposed to be temporary made permanent by growing technical debt, unclear responsibilities, moving priorities, etc.
Security is never any company's top priority just because it's not visible. Changing a color of a button is normally more important.
In practice, there's a lot more things involved leading to stupid decisions like this. Something that was supposed to be temporary made permanent by growing technical debt, unclear responsibilities, moving priorities, etc.
Security is never any company's top priority just because it's not visible. Changing a color of a button is normally more important.