Simon Willison’s Weblog

Items tagged accounts in Sep, 2007

Filters: Year: 2007 × Month: Sep × accounts ×


Designing for a security breach

User account breaches are inevitable. We should take that in to account when designing our applications.

[... 545 words]

hasAccount. Stuart proposes a light-weight API for letting any site know if a user has an account (and is signed in) on another service. I wouldn’t want to deploy this without being confident that my CSRF protection was in order. # 28th September 2007, 9:10 am