public marks

PUBLIC MARKS from Spone with tag security

2016

The Basics of Web Application Security

Modern web development has many challenges, and of those security is both very important and often under-emphasized. While such techniques as threat analysis are increasingly recognized as essential to any serious development, there are also some basic practices which every developer can and should be doing as a matter of course.

2014

Secure Salted Password Hashing - How to do it Properly

by 3 others, 2 comments
If you're a web developer, you've probably had to make a user account system. The most important aspect of a user account system is how user passwords are protected. User account databases are hacked frequently, so you absolutely must do something to protect your users' passwords if your website is ever breached. The best way to protect passwords is to employ salted password hashing. This page will explain how to do it properly.

Cheat Sheets - OWASP

by 2 others
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific web application security topics. These cheat sheets were created by multiple application security experts and provide excellent security guidance in an easy to read format.

2013

My First 5 Minutes On A Server; Or, Essential Security for Linux Servers | Bryan Kennedy

Server security doesn’t need to be complicated. My security philosophy is simple: adopt principles that will protect you from the most frequent attack vectors, while keeping administration efficient enough that you won’t develop “security cruft”. If you use your first 5 minutes on a server wisely, I believe you can do that.

2012

Storing Passwords Securely

by 1 other
Time and time again you hear about a company having all of their users' passwords, or "password hashes", compromised, and often there's a press response including one or more prominent security researchers demonstrating how 1,000 users had the password "batman", and so on. It's surprising how often this happens considering we've had ways to do password authentication that don't expose users' passwords, or at least makes it significantly harder to crack them, for several decades.

2011

The Usability of Passwords (by @baekdal) #tips

Security companies and IT people constantly tells us that we should use complex and difficult passwords. This is bad advice, because you can actually make usable, easy to remember and highly secure passwords. In fact, usable passwords are often far better than complex ones. So let's dive into the world of passwords, and look at what makes a password secure in practical terms.

Naked Password - jQuery Plugin to Encourage Stronger Passwords

by 3 others
The whole idea of naked password is to encourage your users to enter stronger passwords. Our beautiful model Sally tastefully removes items of clothing as the password grows stronger.

Main Page - OWASP

by 9 others
The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.

2008

Spone's TAGS related to tag security

api +   application +   astuces +   authentication +   bcrypt +   best practices +   cryptage +   développement +   firewall +   flickr +   framework +   guidelines +   hacks +   hashing +   html +   identity +   javascript +   jQuery +   linux +   mot de passe +   mp3 +   openid +   opensource +   organisation +   passwords +   php +   plugin +   protocol +   proxy +   rails +   rest +   salt +   software +   spam +   spyware +   trust +   upload +   ux +   xml +