"Let's add security later"

...or never

In prototypes yes, but in production...... NNNOOOOOOOOOO

Now that's the wrong fucking attitude. Hope he burns in hell.

Famous last words.

@CozyPlanes except if they put the prototype into production.

The last CTO (cheif technology overlord) I had said this. He came from the banking industry and we were working with bank account information.

Left that place fast.

@aquacash5 If a prototype enda up in production, they've misunderstood the concept of prototyping. A prototype should be disposable and minimal.
I know there exists definitions of prototyping saying that it can be turned into production code. But that's flawed and introduces great risk
Edit: This is not pointed at you, or saying that, that's what you do.

A week ago i said to my boss,
Me : boss, i see this password is sent unencrypted. I got an email stacktrace contain plain customer password.
Boss : let me see, hmm... no problem.
Me : ......

Two weeks later: 1=1

Later == never

"Let's turn off security on test server during testing"

We don't need HTTPS

Funny enough its a norm to get d code up and running at first

@CozyPlanes but why would we spend 2 weeks working for no visible changes!? (Managerial staff, business users, etc)