Category: Application Security

Stop Using Security Questions

Please stop using security questions. Why security questions were designed with good intentions If you forget your password, a site can ask you a series of security questions. This allows you to recover your account while still potentially authenticating you with questions only you know. Account recovery options are always a great idea, but doing…

November 7, 2018
How-To Securing PHP5 $_GET Strings

This is a VERY old post of mine from 2008 that I’m sharing for sport. There are many articles on the internet, none are complete in securing something. This article is no different. Every day holes are found in code, and they rarely get reported right away…and updated right away. But keeping yourself aware of…

December 2, 2008

Stop Using Security Questions