Authy got hacked, and 33 million user phone numbers were stolen - eviltoast
  • NateNate60@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    6 months ago

    The scenario you described would not be breaking in.

    Terms and conditions being agreed to are not relevant for this purpose. An exposed API is one that is welcome to be exploited. If you’re not requiring an API key, you’re essentially saying “This API is free for anyone to use” for security purposes, regardless of what you say in the terms and conditions.