From 198ab207640f325a333abd61ed09f539cc554dd6 Mon Sep 17 00:00:00 2001 From: Kristian Koehntopp Date: Mon, 11 Nov 2024 19:44:32 +0100 Subject: [PATCH] fix 2024-10-31-mysql-dual-passwords.md --- content/posts/2024-10-31-mysql-dual-passwords.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/posts/2024-10-31-mysql-dual-passwords.md b/content/posts/2024-10-31-mysql-dual-passwords.md index a1f4738157..f4498010c1 100644 --- a/content/posts/2024-10-31-mysql-dual-passwords.md +++ b/content/posts/2024-10-31-mysql-dual-passwords.md @@ -37,7 +37,7 @@ I mean, if you implement such a feature, you'd would ask yourself "What for?", a if it is a security feature, you'd also always ask "How can I prove that it is working as intended?" Somehow that has not happened, yet, for this particular feature – for almost two years now? -Until then, my advice would be doing as suggested in my 2033 article, and rotate accounts for machine logins. +Until then, my advice would be doing as suggested in my 2023 article, and rotate accounts for machine logins. It is much easier to account for, you are generating machine accounts automatically anyway and use a mechanism such as Vault or similar to distribute login information to client applications.