This website contains age-restricted materials including nudity and explicit depictions of sexual activity.
By entering, you affirm that you are at least 18 years of age or the age of majority in the jurisdiction you are accessing the website from and you consent to viewing sexually explicit content.
Jesus tap dancing christ. I understand the difference between CC + CCV + expiry date and an oauth token (or whatever protocol they’re using for identification and authentication). I’m saying that not expiring auth codes when new cards are issued is a security and privacy issue. Users should ideally be given a switch to opt in to behavior like that. It should not be the default.