In Depth
In Depth #25: Graceful Encryption Key Rotation
Laravel makes effective use of encryption for security purposes, but what happens if your encryption key needs to be rotated? Let's see how Laravel 11 handles it...
In Depth
[InDepth#22] Random generates cryptographically secure random values in a range of different formats through a simple helper package for PHP.
Security Tips
[Tip#66] For those situations where you need to generate a repeatable hash or signature, reach for HMAC, rather than MD5 or SHA1.
Security Tips
[Tip#56] It may be tempting to compare keys/sensitive strings using `===`, or even `==`, but that opens you up to timing attacks! You should be using a timing attack safe string comparison function...
Newsletter
[InDepth#19] It's time to finish up the "Th1nk Lik3 a H4cker" walkthrough, looking at the rest of the challenges and the final hack from Laracon US!
In Depth
[InDepth#16] According to random folks on the internet (i.e. social media), "insecure functions" are a wide and varied concept. Let's take a look at the common themes across the different ideas...
Newsletter
[InDepth#14] Cryptographically secure randomness is important, but so is backwards compatibility...
Security Tips
[Tip#37] To celebrate the release of Laravel 10 this week, let's take a look at one of the new (security) features!
Security Tips
[Tip#34] In September, Laravel 9.32 added the ability to encrypt environment files... but do you need to use it?
In Depth
[InDepth#12] In November 2022, Steve McDougall published a tutorial called "Creating a Password Generator"... we're going to audit his code!
Security Tips
QmFzZSA2NCBpc24ndCBlbmNyeXB0aW9uIQ==
In Depth
[InDepth#10] One time codes, magic links, and more...
In Depth
[InDepth#9] One of the many awesome and completely underrated Laravel security features.
Security Tips
[Tip#19] Because all randomness should be cryptographically secure.
In Depth
[InDepth#5] It sounds easy to rehash passwords, but is it really that easy?
In Depth
[InDepth#1] Let's take a look at how Encryption works in Laravel, where it's used, and how you can use it within your applications.