
First, read this. Why passwords have never been weaker—and crackers have never been stronger.
There are numerous important lessons in this article....
1 replies - 11886 views - 08/28/12 by Steven Lott in Articles

I had an interesting question pop up on my “SSL is not about encryption” blog post this weekend: I have a question about logging to site like...
1 replies - 4268 views - 08/06/12 by Troy Hunt in Articles

The massive losses of password hashes at LinkedIn [1], eHarmony [2] and Last.fm [3] are very concerning, to say the least. These are companies that are...
1 replies - 1745 views - 06/11/12 by Gunnar Hillert in Articles

No really, this is my LinkedIn password: y>8Q^<6mqKEA4hac Well it was my LinkedIn password until earlier today when it became apparent that LinkedIn...
2 replies - 9318 views - 06/11/12 by Troy Hunt in Articles

Background: JBoss Application Server runs Java EE applications which can be web applications, EJB applications, Web Services etc. Single Sign On (SSO) or...
0 replies - 7849 views - 04/10/12 by Anil Saldhana in Articles

Hey, let’s be careful out there. --Sergeant Esterhaus, daily briefing to the force of Hill Street Blues. When developers run into an unexpected bug and...
3 replies - 10446 views - 03/19/12 by Jim Bird in Articles

Hacker News exploded yesterday with news of GitHub being hacked. Wanting to know what all the fuss was about, I began with GitHub's side of the story: A...
2 replies - 11759 views - 03/05/12 by Chris Shiflett in News

You should take a serious look at your application and write some tests, first thing Monday. I would write integration tests with real data that attempt to...
0 replies - 6018 views - 03/05/12 by Daniel Doubrovkine in Articles

It’s the end of the year. Time to look back on what you’ve done, what you’ve learned, your successes and mistakes, and what you learned from them. I...
1 replies - 6282 views - 01/06/12 by Jim Bird in Articles

It’s happened – again. A major gaming network has been hacked, compromising millions of users’ information. Last night, Steam – Valve’s online...
0 replies - 4772 views - 11/12/11 by Eric Berg in Articles

OAuth is a wonderful standard: it allows users to give permissions to a third-party service to use their accounts on a website; but it works without forcing...
2 replies - 6363 views - 10/13/11 by Giorgio Sironi in Articles

Just saw this for the first time today: http://cwe.mitre.org/top25/ I'd always relied on...
0 replies - 5646 views - 07/17/11 by Steven Lott in News

One thing I’m doing very often and always searching on the Internet is how to obtain a self-signed SSL certificate and install it in both my client...
10 replies - 22095 views - 07/03/11 by Nicolas Frankel in Articles

This tutorial will walk you through how to configure SSL (https://localhost:8443 access) on Tomcat in 5 minutes. For this tutorial you will need: Java SDK...
5 replies - 26981 views - 07/01/11 by Loiane Groner in Articles

A cross-site request forgery (CSRF) occurs when a hacker takes advantage of the fact that users don't always log out of the websites and web applications...
0 replies - 4539 views - 06/13/11 by Brian Swartzfager in News