Comment by UncleEntity
3 years ago
…which gets promptly forgotten about after it’s initial use case and years later your user database gets sold on the internet.
How many “low-impact” things have been compromised over the years, I wonder?
3 years ago
…which gets promptly forgotten about after it’s initial use case and years later your user database gets sold on the internet.
How many “low-impact” things have been compromised over the years, I wonder?
Unless you have anyone competent running the DNS config, or have a ticketing workflow of any kind, and I can't figure out what you think a DNS record with a onetime validation token could do if left unmanaged beyond some adversary discovery.