Presumably you enter dummy data to validate first. What if it doesn’t send that,... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		scintill76 on Sept 2, 2020 \| parent \| context \| favorite \| on: Why I Actively Discourage Online Tooling like jwt.... Presumably you enter dummy data to validate first. What if it doesn’t send that, but does send the real data?

shawnz on Sept 2, 2020 [–]

Then I'd change the keys in that rare circumstance. What are the chances the attacker will be able to take advantage of the leak before I have a chance to change them, particularly given an attack like this would likely be a blanket attack and not targeted?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact