Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Are you suggesting a disgruntled former employee could use the password and do things? At that point, I have questions. How is the former employee accessing the cloud service? If your cloud is allowing public access without a VPN, then you've done something wrong there. If the former employee is still accessing your VPN, again, you've done something wrong. Many other things still come to mind but point back to you well before password rotation rules.


Yeah. I agree. We have a strong offboarding process as well. But other employers? I mean. I’ve seen some shit in my day.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: