On Wednesday, 13 April 2016 at 13:17:57 UTC, cym13 wrote:
There's a world between exceptionnaly getting a user password in order to detect and solve a bug through an error message and knowingly logging every single user password, be it only on the legal side.
The latter shouldn't be needed. When you log everything, you just write garbage logs, that are impractical to process.
