Security Tips
Security Tip: Don't Forget to Regenerate 2FA Secret Keys!
[Tip #84] It's not just passwords you need to worry about when it comes to authentication and stolen credentials: your 2FA secret keys may also be at risk!
Security Tips
[Tip #84] It's not just passwords you need to worry about when it comes to authentication and stolen credentials: your 2FA secret keys may also be at risk!
In Depth
[InDepth#24] It's time to answer the question: how do you build user registration and authentication without an enumeration vector?
In Depth
[InDepth#20] It turns out Laravel was missing an important piece of it's Authentication system: password rehashing! Let's add that in and learn how the authentication system works in the process.
In Depth
[InDepth#18] Let's take a walk through the first half of my "Th1nk Lik3 a H4cker" talk from Laracon EU & US. We'll explore the vulnerabilities behind each challenge and what I was trying to teach.
Security Tips
Don't get confused with authorisation, we're talking authENTICation this week.
Security Tips
[Tip#25] Try saying that fast 3 times...
Security Tips
[Tip#24] It may sound trivial, but it's easy to overlook.
Security Tips
[Tip#20] Laravel's helpers are great, but make sure you know everything they do before you use them.
Security Tips
[Tip#13] Blocking Compromised (Pwned) Passwords forces your users to use strong passwords, but is it the right choice for your app?
Security Tips
[Tip#12] It's easy to guess passwords if your app doesn't rate limit attempts...