View profile - June '21

Scott Brady
Scott Brady
A new article and a new newsletter.

Client authentication vs. PKCE
This month’s article covers a question I’ve received a few times: “Does OAuth’s Proof-Key for Code Exchange (PKCE) replace client secrets”. The short answer is no, but this article digs into it a bit further than that.
Client Authentication vs. PKCE: Do you need both?
Since we last spoke...
There have been some new articles since my last email, focusing on password UX and password hash migration.
Authenticated Encryption in .NET with AES-GCM
Beware of Password Shucking
Integrating ASP.NET Identity Password Policies with Password Managers
Perfecting the password field with the HTML passwordrules attribute
In other news...
I am now a father! My son was born in April, and after 9 weeks, I’ve finally found some time to get my improved newsletter back on track.
If you have any article ideas, let me know. I’m always on the lookout for new topics!
Did you enjoy this issue? Yes No
Scott Brady
Scott Brady @scottbrady91

Stay up to date with a monthly email containing my latest articles, newest courses, favorite links, and the odd picture of my cats.

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Created with Revue by Twitter.