Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If I'm following the suggestion, then it's just logs which keys were accessed:

"employee id 1234 accessed "email, password hash, location, birthday" about customer id 6789 on 2020-09-01"

nothing particularly sensitive in there, but makes it easy to audit and check for abnormalities.



Nothing sensitive about what you just described? Seems like with that info you can start making intelligent answers to security questions or possible rainbow table look ups.


It's the column headings, though.


Ahhh, I'm a dolt. I read that as variables in your comment rather than that is literally the data that is returned. Thanks for clarifying


Doesn't look like I can edit, but I could have been more clear




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: