Startup

Tech

  • HTTP/2 Server Push - The Go Blog
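  • The current state of Taiwan's software industry
    • Most courses in software engineering education are taught by teachers who have no experience writing software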
  • FOSDEM’18
    • Of the 689 sessions, a dozen or so interest me; there is no way to watch them all…
  • 28 SRE study group
  • 12 best practices for user account, authorization and password management

    1. Hash those passwords
    2. Allow for third-party identity providers if possible
    3. Separate the concept of user identity and user account
    4. Allow multiple identities to link to a single user account
    5. Don’t block long or complex passwords
    6. Don’t impose unreasonable rules for usernames
    7. Allow users to change their username
    8. Let your users delete their accounts
    9. Make a conscious decision on session length
    10. Use 2-Step Verification
    11. Make user IDs case insensitive
    12. Build a secure auth system
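    • Sars: I don't really understand point 11. Converting every account name to lowercase just to keep users from mistyping on mobile devices seems like it would create more problems.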

Other