But it's signed. So, when you receive a token that you emitted, you can verify that you actually emitted it.

That way, you can create a token with an expiration of, let's say, 1 week. And then when the user comes back the next day with the token, you know that user is still logged in to your system.

  /*
   * We use large numbers to avoid the integer cache. Normally, we'd accomplish that merely by using
   * `new Integer` (as we do) instead of `Integer.valueOf`. However, under J2KT, `new Integer`
   * gets translated back to `Integer.valueOf` because that is the only thing J2KT can support. And
   * anyway, it's nice to avoid `Integer.valueOf` because the Android toolchain optimizes multiple

  /*
   * We use large numbers to avoid the integer cache. Normally, we'd accomplish that merely by using
   * `new Integer` (as we do) instead of `Integer.valueOf`. However, under J2KT, `new Integer`
   * gets translated back to `Integer.valueOf` because that is the only thing J2KT can support. And
   * anyway, it's nice to avoid `Integer.valueOf` because the Android toolchain optimizes multiple

   * ParametricNullness parametric nullness}. Sometimes, code may receive a null {@code T} but store
   * a "null sentinel" to take its place. When the time comes to convert it back to a {@code T} to
   * return to a caller, the code needs to a way to return {@code null} from a method that returns
   * "plain {@code T}." This API provides that.
   */

    public boolean verifySignature(final byte[] buffer, final int i, final int size) {
        // observed too that signatures on error responses are sometimes wrong??
        // Looks like the failure case also is just reflecting back the signature we sent

        // with SMB3's negotiation validation it's no longer possible to ignore this (on the validation response)
        // make sure that validation is performed in any case

    ...
```

Python will have to compare the whole `stanleyjobso` in both `stanleyjobsox` and `stanleyjobson` before realizing that both strings are not the same. So it will take some extra microseconds to reply back "Incorrect username or password".

#### The time to answer helps the attackers { #the-time-to-answer-helps-the-attackers }

                                </table>
                            </div>
                            <div class="card-footer">
                                <button type="submit" class="btn btn-default" name="list" value="back">
                                    <em class="fa fa-arrow-circle-left">
                                    <la:message key="labels.crud_button_back"/>
                                </button>

* key (as in key-value pair, dictionary key): clave
* array (as in JSON array): array
* API key: API key (do not translate to "clave API")
* 100% test coverage: cobertura de tests del 100%
* back and forth: de un lado a otro
* I/O (as in "input and output"): I/O (do not translate to "E/S")
* Machine Learning: Machine Learning (do not translate to "Aprendizaje Automático")

        assertTrue(queryCommand.lowercaseWildcard);

        // Test setting to false
        queryCommand.setLowercaseWildcard(false);
        assertFalse(queryCommand.lowercaseWildcard);

        // Test setting back to true
        queryCommand.setLowercaseWildcard(true);
        assertTrue(queryCommand.lowercaseWildcard);
    }

    public void test_convertWildcardQuery_withBoost() throws Exception {

        assertEquals("updated", item.toLineString());

        // When marked for deletion
        item.setNewInput("");
        assertEquals("", item.toLineString());

        // When newInput is set back to null
        item.setNewInput(null);
        assertEquals("original", item.toLineString());
    }

    public void test_toLineString_withEmptyInput() {
        // Test toLineString with empty original input