5h ago · 18 min read · In the previous parts of this series, we discussed the authentication vulnerability from the developer’s point of view. We discussed password requirements based on NIST guidelines, rate limiting using
Join discussion
5h ago · 1 min read · Background While building an internal e-commerce site, I assumed email was required for registration. Reality proved otherwise: most existing users only had phone numbers (registered via LINE). The Problem Email as required field rejected phone-only...
Join discussion14h ago · 5 min read · What Is Zitadel? Zitadel is an open-source identity management platform that handles authentication, authorization, and user management. It supports OIDC, SAML, passkeys, multi-factor authentication, and multi-tenancy out of the box. Think of it as a...
Join discussion22h ago · 7 min read · Building Strong Backend Foundations with Practical Examples When learning backend development with Node.js, the most common framework you’ll encounter is Express.js. It is minimal, flexible, and power
Join discussion
2d ago · 6 min read · JSON Web Tokens sound scary at first. They're not. This guide breaks down everything from structure to security pitfalls. 1. What is JWT? JWT stands for JSON Web Token. It is a compact, self-contained
Join discussion4d ago · 6 min read · I Rebuilt Auth From Scratch, Here's Everything I Got Wrong the First Time I've built authentication more times than I can count. Every new project, same boilerplate. Login form, token in localStorage,
Join discussion
5d ago · 37 min read · Whether you're building your first API or prepping for a senior backend interview, auth is the topic you can't afford to hand-wave. This guide covers everything — history, sessions, JWTs, cookies, MFA
Join discussion
6d ago · 22 min read · In Part 1, we discussed the requirements of passwords according to NIST recommendations, various methods of rate limiting using sliding window and exponential backoff, and ways to avoid enumeration of
Join discussion
