public marks

PUBLIC MARKS from Spone with tags "best practices" & security

2017

Let them paste passwords - NCSC Site

We think that stopping password pasting (or SPP) is a bad thing that reduces security. We think customers should be allowed to paste their passwords into forms, and that it improves security.

2016

The Basics of Web Application Security

Modern web development has many challenges, and of those security is both very important and often under-emphasized. While such techniques as threat analysis are increasingly recognized as essential to any serious development, there are also some basic practices which every developer can and should be doing as a matter of course.

2014

Cheat Sheets - OWASP

by 2 others
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific web application security topics. These cheat sheets were created by multiple application security experts and provide excellent security guidance in an easy to read format.

2012

Storing Passwords Securely

by 1 other
Time and time again you hear about a company having all of their users' passwords, or "password hashes", compromised, and often there's a press response including one or more prominent security researchers demonstrating how 1,000 users had the password "batman", and so on. It's surprising how often this happens considering we've had ways to do password authentication that don't expose users' passwords, or at least makes it significantly harder to crack them, for several decades.