Since 1999

Web Application Topics Category


Bad Password Practices are Responsible For Most Data Breaches. You Can do Better.

The Verizon DBIR says 61% of data breaches are the result of bad password practices. Your app can avoid some of the pitfalls with a few precautions, especially by using slow hashes and 2FA.



What is the difference between bcrypt and SHA256?

TL;DR: SHA1, SHA256, and SHA512 are all *fast hashes* and are bad for passwords. bcrypt is a *slow hash* and is good for passwords. For passwords, always use slow hashes, never fast hashes.



What is an Abuser Story (Software)

In software development and product management, an abuser story is a user story from the point of view of a malicious adversary. Abuser stories are used with agile software development methodologies as the basis for defining the activities that should be actively blocked or mitigated by the software and proven by automated regression testing.



Adding a Rake Task for SQL Views to a Rails Project

I add and update SQL views to my databases with 'rake db:views'; it's wonderful!



Issue #6: February, 2014, Web Application Topics Newsletter



Why & How We Remote Pair Program (2013)



Joppar's 'Tips on Securing Your Mobile App' Infographic Quoted Me!
