I am a Developer Advocate for Security in Mobile Apps and APIs at approov.io.
Another passion is the Elixir programming language that was designed to be concurrent, distributed and fault tolerant.
Bear in mind that what I am gonna say is not a personal attack on the developer and author of this post.
Please don't use this type of approach if you take security seriously and you don't want to have a huge GDPR fine for a data breach of your users' Personally Identifiable Information (PII).
Authenticating users must be done by following OWASP recommendations.
I strongly recommend the use of OAuth 2.0 and OpenID for authenticating a user, and lots of battle-tested packages exist to provide this functionality.
Listen to this guy.