Hi just a quick question about security I may not be the only one wondering this so thought I'd ask. Anything in the public/ directory is public. So that means all featured images would be publically accessible providing you can guess the randomly generated URL. Is this covered in the Authorization is a requirement lesson where we ensure only the user can access their own idea images?

With the withInput and old, would you normally do something in the component so it doesnt reshow the password?

At 7:28 I assume you meant to remove a validation rule, however there isn't one currently in the update method. Instead you remove the update on the Idea model. Presumably this is a mistake? Great tutorial so far btw :)