Comment by rustyhancock
17 days ago
I've always wondered if it's stateless how do I rotate a password? Either due to leaking or just periodically.
It seems particularly important since this doesn't defend against compromised local environment.
17 days ago
I've always wondered if it's stateless how do I rotate a password? Either due to leaking or just periodically.
It seems particularly important since this doesn't defend against compromised local environment.
Rotation is explicit and deterministic via the version parameter. Old passwords can be regenerated for rollback; new ones don’t require storage.
But you have to remember a version parameter per password??