Development LaraSec Security

Should You Block Compromised Passwords?

This is the thirteenth security tip from Laravel Security in Depth.Subscribe to receive weekly security tips and monthly In Depth emails covering Laravel Security topics. Passwords are the digital keys that keep user accounts safe, but passwords only work when they are secret and unguessable. The classic “fix” is to impose password complexity rules, but […]


The Security Risk of SMS Two Factor Authentication

The often talked about security risk of using SMS-based Two Factor Authentication (2FA) isn’t actually as big of a security risk that everyones makes it out to be. It’s much more of a security risk in SMS-based Account Recovery. It’s a subtle but incredibly important difference that I keep seeing news sites and security blogs completely overlook. […]