I do not think this was personal. As a security professional I have the same reaction.

Security is hard, but not only in the technical area. The whole governance is not obvious for someone who did not have these threats on their radar.

If you do security you need to be ready to get feedback you do not expect, in areas you may have not fully addressed.

Sorry, nothing personal. :) No shaming/accusation intended - all I intended was a warning to potentially naive readers about the security principles involved. Keep building, the UX is great.

Unfortunately, security stuff has some pretty hard lines we had to start drawing and moving further forward due to excellent security research (of whatever color hat)...

thanks. I think security is super important, however I do not think it is necessary to obsess over it for no reason. If I want to share a dev password with someone, I can tell them the login over discord and then send them a link to temp.pw. Easy peasy and absolutely no security risk. This is why I created it.

Sounds like the temp.pw server is owned by you and you're willing to trust AWS with your secrets.

So your security posture with respect to this service is significantly different from people on the web.

Or you just tell them the password.

This is a much better way.

Yes, especially that you can use a "human-readable" password such as galleria-blunderer-tutor-omit-nursing-unify which is easy to provide via voice

... and as secure as ljpvxzbygjnzmbfoazibgmpwmegwkmrlczybzxgbctdbqkmtdq