Hardware Security Keys
Play
11:02 CC

Hardware Security Keys

#302 Jun 27, 2021 pro
Using a hardware security key for multi-factor authentication is a great way to protect user accounts. In this episode, we look at implementing security keys into our Ruby on Rails applications with Devise user accounts.

Secure User Passwords
Play
8:26 CC

Secure User Passwords

#349 May 15, 2022 pro
We have a look at integrating the HaveIBeenPwned service with Devise so that our users will some awareness of their password being potentially compromised.

generates_token_for
Play
7:55 CC

generates_token_for

#380 Dec 18, 2022 pro
In Rails 7.1, we're going to get a new feature that will allow us to generate tokens for attributes. With generates_token_for, a token can embed data from a record. When using the token to fetch the record, the data from the token and the data from the record will be compared.

Session Hijacking
Play
9:27 CC

Session Hijacking

#400 May 7, 2023 free
In this episode, we explore session hijacking and an approach that we can take to limit the risk. There are some user experience and functionality caveats to this approach so they must be taken into consideration as well.

Have I Been Pwned
Play
12:52 CC

Have I Been Pwned

#470 Aug 18, 2024 pro
Pwned Passwords are hundreds of millions of real world passwords previously exposed in data breaches.In this episode, we will look at adding this integration into our Rails applications where Devise or Action Auth are used as the authentication solutions.