Tootfinder

Opt-in global Mastodon full text search. Join the index!

@frankel@mastodon.top
2025-06-04 08:11:00

Spring Secret Starter: Managing #Secrets in Your #SpringBoot App
lucas-fern…

Spring Secret Starter: Managing Secrets in Your Spring Boot App
In today’s cloud-native world, managing secrets (API keys, database credentials, tokens, etc.) securely is non-negotiable. Yet, developers often struggle with balancing security and simplicity when…

@kubikpixel@chaos.social
2025-07-14 05:20:24

JWTs Are Not Session Tokens , Stop Using Them Like One
When JSON Web Tokens (JWTs) hit the mainstream, they were hailed as the solution to everything wrong with session management. Stateless! Compact! Tamper-proof! Suddenly, everyone started stuffing them into every web app like ketchup on bad code.
🧑‍💻 archive.fo/01UkP

@pygospa@social.linux.pizza
2025-06-13 20:08:40

If you are like me, then you might have installed the #GoogleAuthenticator app, back in the days when it was the only solution out there for #TOTP #2FA.
But that is long ago. Since …

Screenshot of Ente Auth website, reading "Ente Auth: Open source 2FA authenticator, with end-to-end encrypted backups" and a picture showing the Ente Auth UI on an iPhone as well as their mascot: A little duckling holding a shield.
Screenshot of the Aegis Authenticator website reading "Aegis Authenticator is a free, secure and open source app for Android to manage your 2-step verification tokens for your online services." and a picture of their UI on an Android phone (the only platform they support).