Cryptography

Newsletter

In Depth: "Th1nk Lik3 a H4cker" Walkthrough (part 2)

[InDepth#19] It's time to finish up the "Th1nk Lik3 a H4cker" walkthrough, looking at the rest of the challenges and the final hack from Laracon US!

In Depth

In Depth: What Are Insecure Functions?

[InDepth#16] According to random folks on the internet (i.e. social media), "insecure functions" are a wide and varied concept. Let's take a look at the common themes across the different ideas...

Newsletter

In Depth: Securing Randomness Without Breaking Things

[InDepth#14] Cryptographically secure randomness is important, but so is backwards compatibility...

Security Tips

Security Tip: Laravel's Password Generator

[Tip#37] If you need to generate passwords in your app, it's important to use a cryptographically secure algorithm. Laravel makes this easy by giving us the Str::password() helper!

Security Tips

Security Tip: Encrypting Environment Files?

[Tip#34] Laravel features the ability to encrypt environment files... but do you need to use it?

In Depth

In Depth: "Password Generator" Security Audit

[InDepth#12] In November 2022, Steve McDougall published a tutorial called "Creating a Password Generator"... we're going to audit his code!

Security Tips

OWASP Tip: A02:2021 – Cryptographic Failures

QmFzZSA2NCBpc24ndCBlbmNyeXB0aW9uIQ==

In Depth

In Depth: Magic Emails

[InDepth#10] One time codes, magic links, and more...

In Depth

In Depth: Signed URLs

[InDepth#9] One of the many awesome and completely underrated Laravel security features.

Security Tips

Security Tip: Cryptographically Secure Randomness

[Tip#19] Because all randomness should be cryptographically secure.

In Depth

In Depth: Rehashing Passwords

[InDepth#5] It sounds easy to rehash passwords, but is it really that easy?

In Depth

In Depth: Encryption

[InDepth#1] Let's take a look at how Encryption works in Laravel, where it's used, and how you can use it within your applications.