undefined | Better HN

0 pointsvictorbjorklund2y ago0 comments

1) Make sense. 2) Not sure about that. If someone shares their password with someone else they probably share both the username/email and the password

0 comments

amanda992y ago

Yes, people share usernames and passwords, but there's no single canonical string, like "username=amanda99&password=hithere". For example most of the time when I share user/pass combos, they are in separate messages on Signal. You type them into two different boxes, so you normally copy the username, then the password in separate actions.

nightpool2y ago

I mean, for HTTP Basic there literally is a single canonical string, and it's not uncommon to see people send you links like https://user:somepasswordhere@example.com.

I think the arguments other commenters have made about logging, browser history storage, etc are more convincing

j / k navigate · click thread line to collapse

0 comments

amanda992y ago

nightpool2y ago

I mean, for HTTP Basic there literally is a single canonical string, and it's not uncommon to see people send you links like https://user:somepasswordhere@example.com.

I think the arguments other commenters have made about logging, browser history storage, etc are more convincing

j / k navigate · click thread line to collapse