

Things to consider while developing any web application : Part 1 - shashikant52004
http://snwalkunde.tumblr.com/post/7697455349/things-to-consider-while-developing-any-web-application

======
mooism2
Point 1 should be "allow people to login via Facebook/Twitter/Openid/etc if
possible, and hash the password using bcrypt() otherwise". sha1 isn't going to
slow an attacker down.

