Look before you pip

For Python programmers, downloading Python packages from PyPI, the Python Package Index, is second nature. Tools like pip and conventions like the requirements.txt file that most Python projects follow provides a consistent way of specifying project dependencies. However, install…
Read more...

Using a single password for Authentication and Encryption

A common scenario in web applications involve using a single password as a means of authentication as well as a means to derive a secret for use in encrypting data. Many strong key derivation functions like pbkdf2, bcrypt or scrypt have properties that make them strong password h…
Read more...