Think back to the web of fifteen years ago. Most of the web sites of the time consisted of a few pages of content along with a contact page (and maybe even a guestbook). Most often that contact page was backed by a script that mailed the results to a fixed e-mail...
How does a one-time password work? If you read a previous article I wrote, you’ll remember that I mentioned the use of multi-factor authentication. One common tool for implementing the something you have factor is the one-time password. When...
I can’t think of anyone who would argue that keeping e‐mail private is of little import or an easy task. I use e‐mail as storage for personal information, for authentication, and for communicating when I want the communications to be private. Such private information...
(This is part 2 of a series on web security; see part 1.) In my last post we saw that what your users don’t know can hurt them. In other words, how securely you handle your users’ private data behind the scenes can have profound implications both for your...
(This is part 1 of a series on web security; see part 2.) What’s wrong with this code? [gist]3105417[/gist] Any jokester who says “it looks fine to me” will be sent to the spice mines of Kessel. But I think for observant readers, a couple of critical...