Hacker News

No, not at all. There are many scenarios in which data can be accessed read-only, such as ACL misconfiguration, poorly secured backups, 0-day attacks which allow stealing cryptographic keys, overly verbose exception messages, etc.

An adversary who makes a single copy of your database could impersonate any user and go unnoticed for a potentially huge period of time unless you have good intrusion protection. A targeted attack might steal just a single token and last only a few seconds, but then have unauthorised access indefinitely via the token.

EDIT: Incidentally, this is why only the hash of the token should be stored in the database, just as with passwords. Also, the token should expire.
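The two mitigations in the comment's edit (store only a hash of the token, and give the token an expiry), as an added example that is not part of the original comment. The in-memory `TOKEN_TABLE` dict stands in for a real database table, and the names `issue_token`, `authenticate` and `attacker_replays_db_copy` are assumptions made for this illustration; the "attacker" simply tries to use every stored hash as if it were a token, which is all a read-only copy of the table gives them.

```python
import hashlib
import secrets
import time
from typing import Dict, Optional

# Constructed in-memory stand-in for the database table: token_hash -> record.
# A read-only attacker who copies the database gets exactly this mapping.
TOKEN_TABLE: Dict[str, dict] = {}

TOKEN_TTL_SECONDS = 3600  # assumed lifetime; tokens expire after one hour


def hash_token(token: str) -> str:
    """Hash a bearer token before storing or looking it up.

    Tokens are high-entropy random strings, so a single fast SHA-256 is enough;
    the slow, salted hashing used for passwords exists to defend low-entropy
    secrets against brute force, which does not apply to 256-bit random tokens.
    """
    return hashlib.sha256(token.encode("ascii")).hexdigest()


def issue_token(user_id: str, now: Optional[float] = None,
                ttl: int = TOKEN_TTL_SECONDS) -> str:
    """Create a token for user_id, store only its hash plus an expiry, and
    return the raw token exactly once (the client keeps it, the server does not)."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # 32 random bytes = 256 bits of entropy
    TOKEN_TABLE[hash_token(token)] = {"user_id": user_id, "expires_at": now + ttl}
    return token


def authenticate(presented: str, now: Optional[float] = None) -> Optional[str]:
    """Return the user_id the presented token belongs to, or None.

    The lookup key is the hash of what the client sent, so the database never
    holds anything that can be presented back to this function. Expired rows
    are rejected and purged on sight.
    """
    now = time.time() if now is None else now
    key = hash_token(presented)
    record = TOKEN_TABLE.get(key)
    if record is None:
        return None
    if now >= record["expires_at"]:
        del TOKEN_TABLE[key]
        return None
    return record["user_id"]


def attacker_replays_db_copy(stolen_table: Dict[str, dict],
                             now: Optional[float] = None) -> bool:
    """Simulate an adversary with a read-only copy of the table who presents
    each stored hash as if it were a token. Returns True if any attempt
    authenticates; with hashed storage it should always be False."""
    return any(authenticate(stored_hash, now) is not None
               for stored_hash in stolen_table)


if __name__ == "__main__":
    t0 = 1_000.0
    token = issue_token("alice", now=t0)
    print("valid token ->", authenticate(token, now=t0 + 60))
    print("replay of stolen hashes ->", attacker_replays_db_copy(dict(TOKEN_TABLE), now=t0 + 60))
    print("after expiry ->", authenticate(token, now=t0 + TOKEN_TTL_SECONDS))
```

If the table is instead keyed by the raw token, `attacker_replays_db_copy` returns True immediately: a single read of the table is a valid credential for every user. Expiry then bounds how long a token stolen in transit or from a client stays useful, which is the second half of the comment's point.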

