
I'm confused. How exactly is the nonce to be used if without a link?

I was under the impression that best practice was a link with a randomly generated key that has an expiration date (and is expired as soon as it is used). The only security hole here is if the email is intercepted (and you've got other problems at that point).
This system didn't use a nonce or a key referenced against a database. It simply base-64 encoded the email address.


I think you're actually agreeing. What one of you is calling a key the other calls a no[u]nce.

The implicit (worse) alternative is that you encrypt or sign additional state in the URL (and in this case, base64 was the "encryption").


I realize that key == nonce in my post. My point was against the statement "emailing password reset links is bad and not best practice." You need a password link to make use of the key/nonce. The point of the nonce isn't to eliminate links. It's to make the attack surface that much smaller by limiting their power.
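The design the thread converges on (a random key that expires and is consumed on first use, looked up against a database) next to the scheme it criticises (a "token" that is just base64 of the email address), as an added example that is not code from the thread or from the system being discussed. Names such as `ResetTokenStore`, `TOKEN_TTL_SECONDS` and the in-memory dict standing in for the database are hypothetical; the 15-minute lifetime is an assumed value.

```python
"""
Added example: a minimal password-reset token store following the
"random key, expires, single use" design from the thread, beside the
base64(email) scheme the thread criticises. All names are hypothetical;
an in-memory dict stands in for the database.
"""
import base64
import hashlib
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60  # assumed lifetime; choose to fit your own threat model


class ResetTokenStore:
    """Maps sha256(token) -> (email, expires_at).

    Only the hash is persisted, so a leaked copy of the table does not yield
    usable reset links; the raw token exists only in the email that was sent.
    """

    def __init__(self, now=time.time):
        self._now = now      # injectable clock so expiry can be tested deterministically
        self._rows = {}      # hypothetical stand-in for a database table

    @staticmethod
    def _key(token: str) -> str:
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, email: str) -> str:
        # 32 bytes from the OS CSPRNG, URL-safe; unguessable rather than derived from the address.
        token = secrets.token_urlsafe(32)
        self._rows[self._key(token)] = (email, self._now() + TOKEN_TTL_SECONDS)
        return token

    def redeem(self, token: str):
        """Return the email the token was issued for, or None if it is unknown,
        already used, or expired. The row is removed on first sight either way,
        which is what makes the link single use."""
        row = self._rows.pop(self._key(token), None)
        if row is None:
            return None
        email, expires_at = row
        if self._now() > expires_at:
            return None
        return email


def reset_link(base_url: str, token: str) -> str:
    """The only state carried in the URL is the opaque random token."""
    return f"{base_url}/reset?token={token}"


# --- the scheme the thread criticises: the "token" is just base64(email) -----

def weak_token(email: str) -> str:
    # No secret, no expiry, no database row: base64 is an encoding, not encryption.
    return base64.urlsafe_b64encode(email.encode()).decode()


def weak_redeem(token: str) -> str:
    # Decoding is the whole "check": any holder of the address can reproduce the token.
    return base64.urlsafe_b64decode(token.encode()).decode()


if __name__ == "__main__":
    store = ResetTokenStore()
    t = store.issue("alice@example.com")          # constructed sample address
    print(reset_link("https://app.example", t))   # hypothetical base URL
    print(store.redeem(t))                        # alice@example.com
    print(store.redeem(t))                        # None: already used
    print(weak_token("alice@example.com"))        # reproducible by anyone
```

`redeem` pops the row before checking expiry so that a stale token is cleared on first presentation and a valid one cannot be replayed; in a real deployment the same pop-then-check should be one atomic database operation (e.g. a conditional DELETE returning the row) so two concurrent requests cannot both succeed.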