Chris Cornutt over at phpdeveloper.org reminds us that development security isn’t an add-on. I have two fun side-project I want to work on this year, and security is an area where my coding practice can definitely improve.
This is one of those places where I feel working with existing frameworks can be an improvement over my normal “code from the ground up” approach. Not only should an existing framework save time on rote tasks, but hopefully the developers creating various modules and plugins have a better grasp on security practices than I do. Especially the ones who are writing code specifically related to authentication.
Granted, coding for me is a hobby, not a career. I can indulge myself in inefficient practices because I enjoy the art of problem-solving. But if I ever plan to launch my projects and have other people use them, it’s not okay for me to create something that’s not secure and could put my users data at risk.