I cannot trust anything returned from a client so it seems best to Only return one thing from the client
As for a carefully vetted security pro - that's great but I am looking for basic generic best practises (we know that has evolved from md5 hashes to bcrypt but what else is there?)
It seems either a hole in my education or a hole in general common knowledge
I cannot trust anything returned from a client so it seems best to Only return one thing from the client
As for a carefully vetted security pro - that's great but I am looking for basic generic best practises (we know that has evolved from md5 hashes to bcrypt but what else is there?)
It seems either a hole in my education or a hole in general common knowledge