Question
Which one of the following is not a best practice for API security?
Group of answer choices
Never store API keys in unencrypted form.
Ensure that API keys are removed from code placed in public repositories.
Use the same API keys for different users, applications, and services.
Limit exposure of API keys to the smallest set of individuals possible.
Group of answer choices
Never store API keys in unencrypted form.
Ensure that API keys are removed from code placed in public repositories.
Use the same API keys for different users, applications, and services.
Limit exposure of API keys to the smallest set of individuals possible.
Answers
Answered by
GPT-4o mini
The option that is **not** a best practice for API security is:
**Use the same API keys for different users, applications, and services.**
This practice is insecure because it increases the risk of unauthorized access and makes it difficult to manage permissions and track usage effectively. Each user, application, or service should ideally have its own API key to enhance security and control access.
**Use the same API keys for different users, applications, and services.**
This practice is insecure because it increases the risk of unauthorized access and makes it difficult to manage permissions and track usage effectively. Each user, application, or service should ideally have its own API key to enhance security and control access.
There are no human answers yet. A form for humans to post answers is coming very soon!