Description

---

Developers, designers, engineers, and creators can no longer afford to pass responsibility for identity and data security onto others. Web developers who don't understand how to obscure data in transmission, for instance, can open security flaws on a site without realizing it. With this practical guide, you'll learn how and why everyone working on a system needs to ensure that users and data are protected.

Authors Jonathan LeBlanc and Tim Messerschmidt provide a deep dive into the concepts, technology, and programming methodologies necessary to build a secure interface for data and identity--without compromising usability. You'll learn how to plug holes in existing systems, protect against viable attack vectors, and work in environments that sometimes are naturally insecure.

• Understand the state of web and application security today
• Design security password encryption, and combat password attack vectors
• Create digital fingerprints to identify users through browser, device, and paired device detection
• Build secure data transmission systems through OAuth and OpenID Connect
• Use alternate methods of identification for a second factor of authentication
• Harden your web applications against attack
• Create a secure data transmission system using SSL/TLS, and synchronous and asynchronous cryptography

About the Author

---

Jonathan LeBlanc is an Emmy award-winning software engineer, technical author, and the Head of Global Developer Advocacy for PayPal. Jonathan specializes in identity, authorization, and security; hardware-to-web communications; and data mining techniques--all with a focus towards human and device interconnectivity.Tim Messerschmidt is Program Manager of Developer Relations at Google, leading the Germany, Austria, and Switzerland (DACH) region. Prior to joining Google, he headed up PayPal's and Braintree's Developer Evangelism teams across Europe, Middle East, and Africa (EMEA) and the Asia-Pacific (APAC) region.