Validate your passwords using Elixir and haveibeenpwned.com's API

Unless you’ve been living under a rock for the last couple of years, you probably know what two-factor authentication (2FA) is. It’s quite a neat trick actually - you have a password that you have to (obviously) enter correctly (first factor), but you also have to receive a second (random) code through a different medium, sometimes on a different device, that you have to enter to log in (second factor)....

December 23, 2018 · 12 min · Ilija

Rails, Secure Cookies, HSTS and friends

Ruby on Rails as a framework does a lot of things for us developers. We get a very customizable middleware stack, great routing system, very expressive ORM, helpful modules with great utility methods in them and so on. But in Rails there’s more than meets the eye. It does some great things that we just take for granted or on occasions we don’t even know they exist. Some of these features are TLS redirection, secure cookies and HTTP Strict Transport Security (HSTS)....

December 14, 2015 · 8 min · Ilija