Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
gleb
on July 23, 2012
|
parent
|
context
|
favorite
| on:
All you ever wanted to know about building a secur...
That's a good point. You want the signed url to be one-use only. last_changed_password_at is a good solution, and a useful field to keep anyway.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
