How to really store a password in a database

Recently I wrote: Don’t store passwords in a database. I stand by this statement. I expected a lot of flak because I didn’t explain myself. This post goes into a bit of an explanation of my position, as well as how to go about storing something in a database that can be used for authenticating
-> Continue reading How to really store a password in a database

Is Transparent Data Encryption just security theatre?

I love theatre. In six months I am putting on two one-act plays for a local festival, because I don’t already have enough on my plate. Security theatre, on the other hand, I don’t like. It is security for the sake of appearances, that offers little to no solution to the problem it claims to
-> Continue reading Is Transparent Data Encryption just security theatre?