Ask HN: How is LDAP not a huge security risk?

Ask HN: How is LDAP not a huge security risk?

5 points by underyx on Nov 2, 2016

hide

past

favorite

16 comments

So, I’m thinking, if you have like 50 services connected to LDAP, with some being mission critical, and some being just quick hackathon projects that needed authentication, a bug (edit: a bug that leaks the password) in any of these services (no matter how unimportant) would compromise everything.

How come I didn’t find any literature about this issue? Is there some solution I don’t know about? If not, why do people even use LDAP if it’s so inherently insecure?