Tip To Developers … Avoid Using Immutable Types for Passwords and Sensitive User Data
Published in
3 min readFeb 17, 2019
Here is a discussion with a developer on their code …
“Why have you stored the passwords as string?”, “Passwords are just strings. What’s the problem?”, “Well, strings are immutable objects”. “But I allocate a null string after I use it, so it’s okay!”, “But that doesn’t actually erase it from memory”. “Yes, it does”…