There’s a lot to consider when building a web-based login system. Auth plugins and modules all have different security features, and developers have different priorities and experience when it comes to designing and adding these features.
This advice sometimes changes over time as technologies develop, so even experienced developers need to re-familiarise themselves with these processes occasionally.
To help raise awareness of the various aspects of authentication, I’ve compiled this list of [approximately] 50 points to consider.
Not all of these are essential, but more is definitely better.
They’re not in any particular order.
I could go into much more…
Recently I sent an email to [Company], informing them of a change to my data that they need to process.
Attached to this email was a document that I received from a third party, that confirmed this change was accurate.
It was literally ‘a letter’. In docx format.
The expected outcome of this request, is that [Company] should contact the third party to verify the authenticity of the letter, and thus confirming the letter is indeed accurate. …
The atrocity of the aristocracy
Is in their animosity towards society,
And in their legacy of misogyny
And greedful demagoguery,
Their unabashed inadequacy
To comprehensively supply
Fairness and equality
To the poor and to the wealthy
So that nobility, now rather oxymoronically
Is no Nobler than the Peasantry
And History shall show resurgency
Of lower-class insurgency
And bring to it’s knees the
Hypocrisy of government that isn’t governing,
Leaders that aren’t leading,
And prostitutional politicians,
Selling their positions unapollagetically
Not in the interests of the citizenry,
Just for personal gain fiscally.
This is what it means to be Conservatory,
Serving the rich to keep the wealthy healthy,
Divesting public services under a false economy,
Cutting the heart of the Civic taxonomy,
Privatise necessity…
Tim Stamp
The Security Architect
