#password
-
Authentication
Useful HTML attributes and advice from @adactio when dealing with 2FA and authentication, e.g. on password change forms, use... -
How to send secrets to me [with GPG]
-
What does the NCSC think of password managers?
Spoiler: use them -
Building account systems
Advice on dealing with accounts and passwords when building a web app -
Understanding one-time passwords
-
Let them paste passwords
Advice from the National Cyber Security Centre (terrible name, good advice) that stopping pasting passwords is a bad thing... -
Reposted a post on
Twitter
-
Password guidance: executive summary - GOV.UK
-
Medium have adopted the passwordless login pattern: one-time expiring link via email instead of requiring a password https://medium.com/the-story/signing-in-to-medium-by-email-aacc21134fcd
-
Password Masking
Single-page site presenting a study into the effects of showing vs masking a password when entering it in an input field. In... -
Reposted a post on
Twitter
-
Showing Passwords on Log-In Screens
Why you should do so (by @lukew) -
Ruby One Time Password
A ruby library for generating one time passwords (HOTP & TOTP) according to RFC 4226 and RFC 6238 -
Random Key Generator
Strong, WPA, WEP, etc. passwords -
Random password generator
Ignores l, 1, 0, o, i and Q -
Rate limiting with memcached
Great idea for limiting access attempts using memcached rather than repeated database hits. Suggested use is resisting...Categories
-
Anti-pattern recognition
Jeremy’s crusade against the password anti-pattern continues. I fully agree. -
Ruby password strength calculator
-
Adactio: Journal - The password anti-pattern
Asking users for their Gmail/Hotmail/Yahoo email and password to find their friends is bad: “it’s a horrible precedent that...Categories
-
Coding Horror: You're Probably Storing Passwords Incorrectly
Encrypt your passwords or you’re a wally