Thu 19 Jul 2012 04:58:51 PM PDT
Some recent thought-provoking articles on security.
Instead of annoying CAPTCHAs, try "Design, Limit and Trapdoor" to limit damage from problem users: "DLT is better than CAPTCHA"
Pay attention to that Persona thing. Doing passwords right is hard. "Everything you ever wanted to know about building a secure password reset feature", "How Companies Can Beef Up Password Security"
This looks like a lot of work to do within existing web frameworks: "Database level security in webapps" (so do we need better frameworks?)