From login to data entry, security touches every aspect of web app. But by nature, security is picky.
Until recently, we didn’t dare log out of version 2 beta because the new secure login screen wasn’t fully developed. But it happened anyway. And in spite of being an avid 1password user, I neglected to jot down my login credentials. Oops.
While hacking his way back in, I hit several intentional obstacles.
Passwords can not be recovered, only changed. Once encrypted, they’re encrypted for good.
The system scans bits of information that I create, like character bios and blog posts, even if I had already given my username and password.
- Future versions of the Grawlix CMS will not display errors, hiding sensitive “here’s how it should work” information.
So I faced a blank page and an identity challenge at every turn. Luckily I had full access to the database, and got back in with a new user and a fresh password — one reason databases have their own logins.
Security is tight by necessity, and we’re taking steps to make sure that only artists who own their site can get in — provided they don’t pull a Ben.
Anyone can read the blog, but patrons get inside info. Support our project!