Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It depends on stuff.

Sometimes a URL can have a password in it.

But when it's just a sequential-ish ID number, you have to accept that people will change the ID number. If you want security, do something else. No prosecuting.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: