Here is a good example of the kind of insecure practices application developers are doing out there.
http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2012-October/008535.html
Thank you Jim Burton for being concerned and speaking out. I have to admit laughing out loud when first reading this. That may have been wrong of me.
