Friday, May 14, 2021

Anecdote: Replacing plaintext user id and password with password vault

I just reviewed code where they are trying to replace configuration files that have user ids and passwords in plaintext to a password vault. The hilarious part is that they comment out the old configuration file which contains the credentials.

The habit here is that developers are always afraid to lose code even if there exists a million backups (or maybe because their exists a million backups), so they comment out old sections.

The code even goes through two code reviews before it reaches me. 


No comments:

Post a Comment