i think what we can do is to run static code analysis to ensure all public methods have the third level authentication written in it. However it won't solve problem of making mistakes in the db queries. would love to…
I agree on the fact that 'Generate temp password' will require more dev and user efforts but i don't think 'generate password' is more vulnerable than the link if the generated password is time bound. Also to make 'the…
i think what we can do is to run static code analysis to ensure all public methods have the third level authentication written in it. However it won't solve problem of making mistakes in the db queries. would love to…
I agree on the fact that 'Generate temp password' will require more dev and user efforts but i don't think 'generate password' is more vulnerable than the link if the generated password is time bound. Also to make 'the…