
> Probably the best thing to do is set the access count limit to one.

You’d better use at least two. Nearly every email service in 2021 has anti-malware and anti-phishing which inspects links as a security feature. This often breaks poorly designed “one time” links like password resets that incorrectly use non-idempotent GET requests.




Interesting, good point. Unfortunately that means that you can no longer be sure that it hasn't also been accessed by a malicious third party though.


Now you're in a trust relationship with receiving party's antispamware? Great
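
The non-idempotent GET problem raised in the thread, as an added example that is not from any of the commenters: a single-use link where GET only renders a confirmation form and the token is consumed on POST. The `OneTimeLinks` class, its method names and the sample secret are hypothetical and constructed for illustration.

```python
import secrets


class OneTimeLinks:
    """In-memory store of single-use tokens (hypothetical, for illustration)."""

    def __init__(self):
        self._live = {}  # token -> secret payload

    def issue(self, payload):
        token = secrets.token_urlsafe(32)
        self._live[token] = payload
        return token

    def handle(self, method, token):
        """Return (status, body) for a request to the link carrying `token`."""
        if method in ("GET", "HEAD"):
            # Safe methods never change state, so a mail scanner that
            # prefetches the link only ever sees the confirmation form.
            if token not in self._live:
                return 410, "link already used or unknown"
            return 200, "<form method='post'><button>Reveal</button></form>"
        if method == "POST":
            # pop() is the only consuming step; a second POST gets 410.
            payload = self._live.pop(token, None)
            if payload is None:
                return 410, "link already used or unknown"
            return 200, payload
        return 405, "method not allowed"


def demo():
    links = OneTimeLinks()
    token = links.issue("constructed-secret")  # constructed sample value
    scanner = links.handle("GET", token)     # link scanner prefetch
    human_view = links.handle("GET", token)  # recipient opens the link
    reveal = links.handle("POST", token)     # recipient presses the button
    replay = links.handle("POST", token)     # any later attempt
    return scanner[0], human_view[0], reveal, replay[0]


if __name__ == "__main__":
    print(demo())
```

This keeps the access limit at one for scanners that only issue GET or HEAD requests; it does not tell you who made the single consuming POST.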



