In Depth
In Depth: "Password Generator" Security Audit
[InDepth#12] In November 2022, Steve McDougall published a tutorial called "Creating a Password Generator"... we're going to audit his code!
In Depth
In Depth: Rehashing Passwords
[InDepth#5] It sounds easy to rehash passwords, but is it really that easy?
Security Tips
Security Tip: Should You Block Compromised Passwords?
[Tip#13] Blocking Compromised (Pwned) Passwords forces your users to use strong passwords, but is it the right choice for your app?
Security Tips
Security Tip: Default Password Rules
[Tip #11] Why duplicate password validation rules across your app when you can define defaults once?