Preview Mode Links will not work in preview mode

DevelopSec: Developing Security Awareness

Jan 23, 2017

A few months ago, it was announced that some companies buy stolen passwords off of the black market to help protect their users.  This is done by determining if the user's password was part of that list and forcing a reset.  James talks about the idea and raises some interesting questions.  What do you think about the...


Jan 17, 2017

Are you, or have you, implemented a remember me feature for your application?  What do you remember, username, password, or both?  James talks about some security considerations around implementing a remember me feature for your application.

For more info go to https://www.developsec.com or follow us on twitter (


Jan 10, 2017

Do you use MongoDB?  If so, is it exposed to the internet?  Recent news (listed below) had shown that a large number of MongoDB instances are being infected with ransomware.  James talks about the issue and ways to help ensure you are not the next victim.

Link to original article:


Jan 5, 2017

Implementing multi-factor authentication isn't just about a second factor.  There are many considerations that need to be included.  One in particular, how do you handle the user losing their means of that second factor.  James talks about thinking this through.

For more info go to https://www.developsec.com or follow...