Comment by chis

Comment by chis 4 days ago

2 replies

View on Hacker News

Is this really just google=bad, though? I work at a startup and this seems like a legit security risk that I'm happy to learn about.

It seems like the only mitigation would be to let your HR SAAS know when your company shutters and ask them to delete the records. Or just squat the domain yourself as an ex-employee.

paxys 4 days ago

Yes it is, otherwise the title would be "don't use your email address to log in to any application" and it wouldn't be ragebait enough. The whole issue has nothing to do with OAuth and nothing to do with Google.

Reply View 0 replies
stevage 3 days ago

Mast domains aren't that expensive. Can a startup just buy 10 years of peace of mind in its dying days?

Reply View 0 replies