Hacker News new | past | comments | ask | show | jobs | submit login

Why not both?



Maybe they're doing this now that it's a real problem?

At any rate, don't store really sensitive stuff on Github. It's a bad idea for many reasons, security flaws being one. In particular, keep in mind things like AWS server credentials which might go in your repository.


Doing it by username means the real user can lose access to their account, whilst it is being attacked, even though they might have strong password.




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: