It's a pure math equation. You know you'll have more money at the end of the day if you keep as much as you can in a HYSA.
So do the math on exactly how much more.
Is that amount worth your peace of mind over that long a time period? Is your partner someone you want to spend that much money on right now?
These are simple questions to ask: maybe harder to answer. But once you have them, just make a choice and be happy with it.
All but confirms
So not confirmed
An API token is more secure than a password by virtue of it not needing to be typed in by a human. Phishing, writing down passwords, and the fact that API tokens can have restricted scopes all make them more secure.
Expiration on its own doesn't make it more secure, but it can if it's in the context of loading the token onto a system that you might lose track of/not have access to in the future.
Individual API tokens can also be revoked without revoking all of them, unlike a password where changing it means you have to re-login everywhere.
And that's just the tip of the iceberg. Lmk if you have questions, though.
Right?? To let your website be susceptible to that kind of act by anyone means that you probably didn't really care about security in the first place, so much as just getting the magic lock icon happy.
DAE enshittification bad!!1!
As a Bay area native, I've never encountered worse drivers than the entire state of Maryland.