Possibly a rather lightweight topic this one, but at the time (and frankly since) it was certainly in the news. The topic? Websites getting hacked, having customer data downloaded, including passwords. Sometimes the hacks are really simple, and I talk about a couple in the article: SQL Injection (which, even after all this time, is still one of the primary ways to hack a website) and XSS (cross-site scripting). Sometimes users bring the problems upon themselves by, say, having the same passwords for several sites (your password then is only as safe as the security at the weakest site). I also talk about the need to salt-and-hash passwords in your database if you are a website developer, and the need to use a good password manager if you are a user. […]