Hacker News

Tangential: With the recent screw-up of Facebook logging user passwords in cleartext in (what I presume to be) this type of logging, I thought (before clicking) that an article named "Application-Level Logging Best Practices" would say something about stripping out passwords etc. when logging anything that involves user inputs. In fact, I thought it was what prompted this post. :)


In case you are still interested in reading about the security aspect of logging, there is the OWASP Logging Cheat Sheet dedicated to this:

https://github.com/OWASP/CheatSheetSeries/blob/master/cheats...


Thx for sharing, interesting.



