Security Tips
Security Tip: Encrypting Environment Files?
[Tip#34] In September, Laravel 9.32 added the ability to encrypt environment files... but do you need to use it?
In Depth
In Depth: "Password Generator" Security Audit
[InDepth#12] In November 2022, Steve McDougall published a tutorial called "Creating a Password Generator"... we're going to audit his code!
Security Tips
OWASP Tip: A02:2021 – Cryptographic Failures
QmFzZSA2NCBpc24ndCBlbmNyeXB0aW9uIQ==
In Depth
In Depth: Magic Emails
[InDepth#10] One time codes, magic links, and more...
In Depth
In Depth: Signed URLs
[InDepth#9] One of the many awesome and completely underrated Laravel security features.
Security Tips
Security Tip: Cryptographically Secure Randomness
[Tip#19] Because all randomness should be cryptographically secure.
In Depth
In Depth: Rehashing Passwords
[InDepth#5] It sounds easy to rehash passwords, but is it really that easy?
In Depth
In Depth: Encryption
[InDepth#1] Let's take a look at how Encryption works in Laravel, where it's used, and how you can use it within your applications.
Security Tips
Security Tip: Custom Encryption Keys for Cast Model Attributes
[Tip#1] A simple but quite important tip, how to use a custom encryption key for encrypted casting within Models.