loading...

re: What are the worst security practices you've ever witnessed? VIEW POST

FULL DISCUSSION
 

Good news: we have logging in our web application! Bad news: we were logging all post requests which included customer passwords, credit cards, and adresses....

Apparently, we had been doing this for years and I was the only one to recognize the phrasing "Yeah, we log post requests as well" as indicating a potentially horrifying situation.

Code of Conduct Report abuse