Agree. I know it says that you can't do anything with the data, since necessary ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		mc32 on Nov 7, 2011 \| parent \| context \| favorite \| on: One-time Secret: Share passwords etc with URIs tha... Agree. I know it says that you can't do anything with the data, since necessary information isn't available. But... even if its random, it is known that it is a password. So, it's feasible to build a table of known passwords, at least.

wccrawford on Nov 7, 2011 [–]

How would that work? The URL only works once, so even if they crawled every possibility, the intended recipient would never get it, and would alert the sender.

mc32 on Nov 7, 2011 | [–]

I'm just theorizing. But let's say the site gets compromised for a few days/weeks and they don't find out.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact