

Update on Security Incident and Additional Security Measures - dpieri
https://sendgrid.com/blog/update-on-security-incident-and-additional-security-measures/

======
onyxraven
Sendgrid recently added MFA to their logins. Also, they recently added
'multiuser' logins (different than subusers) which allow for a separate
login/password for api, smtp and web under a single account. This is a nice
addition to be able to rotate credentials without downtimes, though as they
state in the blog, even better 'api keys' should be coming soon.

That being said, is it odd that the blog says "(salted and iteratively
hashed)" passwords? Does that indicate a homegrown scheme that has unknown
properties?

