Last week, I wrote about crafting a CSP for my professional site. This week, I’m going to add reporting so that when things go wrong, I know what went wrong.
Seems like I’m talking a lot about 1Password (and password managers in general) these past few weeks. Well, it’s because I think they are awesome and an invaluable tool if you want to secure yourself on the internet these days. In this article, I’m going to explain why you should use two-factor authentication (2FA) and how you can set it up with 1Password, so you only need to do it once.
Password managers are undervalued. Not only do they provide an easier way to store passwords, they offer so many little security enhancements that I start to take them for granted.
The software I’m working on needs a new authorisation system. The system needs to be prepared for 3 scenarios: to restrict access to a page, to hide part of a page and to block access to data. Let’s solve these problems using claims.
Troy Hunt tweeted about how a site uses a fake password field so that browsers wouldn’t show the insecure warning. If you want to know the details of this incident, I gladly refer you to Troy’s blog post. In this blog, I want to talk about the deliberate malpractice that goes into this behaviour.
For a few weeks now, I’ve updated the look and feel of this blog. Let me give you a quick explanation why I did this.
With my experience in IT, it’s more surprising that such a massive attack took so long to happen.