XING

Cover Image

Lutra Security

6 followers

1-10 employees

Lutra Security
Lutra Securityposted an update7 July 2023
📢 Manifest confusion: Why npm cannot be trusted The architecture of npm has a problem known as manifest confusion, as recently highlighted in an article by Darcy Clarke. The manifest, which contains the metadata of the package, is published independently of the package's tarball and is never fully validated. We have looked into this problem and describe in our new article - how npm's package normalization process exacerbates the problem - how npm itself gets confused by this (we show how to b...

Manifest confusion – Lutra Security

Manifest confusion is a problem in the architecture of npm, pointed out by Darcy Clarke: An npm package’s manifest is independently published from its tarball and never fully validated.lutrasecurity.com
 Manifest confusion – Lutra Security
Lutra Security
Lutra Securityposted an update26 May 2023
Sometimes all it takes is a little copy and paste. That's why in this article we won't focus on password policies in general, but rather give you a reasonable default for Django with all the explanations you need to customize it for your project. https://lutrasecurity.com/en/articles/django-password-validation/

Password Validation in Django – Lutra Security

Since NIST updated its password recommendations in 2017, a lot has changed. Although there are still plenty of applications that rely on the old-fashioned complexity-based rules (lower case, upper case, numbers, special characters… you know the drill), a lot has improved.lutrasecurity.com
 Password Validation in Django – Lutra Security

Similar companies

About us

Lutra Security

IT-Sicherheitsberatung

Show more

Jobs

Icon

It looks like we’re having a few problems here.

Please reload to try again.

Location

Open map

München

Ludwigstraße 8, 80539 München, Germany