the proliferation of TOTP secrets
I once worked in highly regulated environments and needed a way to recall dozens of complex passwords that changed frequently. I tried to use a password manager, but could not due to the burdens and insecurity of some common design flaws.
I was curious to know how many popular websites have already uploaded a security.txt file and how many followed the most recent draft. So, I wrote a small Go program to check the Alexa Top 1 million websites.
Compliance versus security