Posts

GDPR: Application Password Security in 2018

Security Primer

As we hurtle towards GDPR, more and more of my clients are becoming concerned with data security. This is great news - I've always recommended best practices but come up against resistance occasionally due to the extra amount of time some implementations take - after all, time is money, and to some clients money is more important than security. Thankfully we're all now being forced to consider it more seriously.

I'm no security or cryptographic expert but as part of my job I have to provide secure authentication and storage systems to protect my client's data. As I'm a Microsoft stack guy this is often dealt with by an Active Directory or Federated Identity Server - but on occasion I need to "roll my own" authentication system or heavily modify an existing one.

One client recently asked me about the password hashing I'd put in place for them - I'd implemented SHA-256 with salting, using the same piece of code for about a decade. It…

How I Learned to Lose Weight and Love Exercise (again)

Image
Back in my youth I was an avid gym-goer, badminton and basketball player, utility cyclist and swimmer. I did all this because I enjoyed it / life necessitated it, and I never once thought about my weight or fitness levels - though I did care about how I looked. Everything stopped when I moved to a new town and made new friends; I took up music as a hobby and sport fell by the wayside. Lugging 250lb of bass gear up and down 3 flights of stairs every week felt like enough to me - alas, the lack of exercise over a period of about 10 years (combined with my love of all forms of food and drink) resulted in me gaining a considerable amount of weight without me really noticing it.

About a year and a half ago, I did notice it. I started hating pictures of myself, I was struggling to live everyday life without sweating constantly and getting out of breath doing menial tasks. Walking 2 miles into town was a huge amount of effort, and even sleeping was difficult (for both myself and my wife) due…

Deleting All PlayerPrefs for your Unity3D Project on Windows

As a Unity3D developer you'll eventually find yourself wanting to delete the PlayerPrefs for a particular project on a regular basis. I've been recently using PlayerPrefs to store player settings like FOV, mouse sensitivity and acceleration, and I wanted to make sure that my code will run on a freshly installed machine as well as my development box.

If you click the link above, you'll see that all PlayerPrefs are stored in the registry - for a Windows machine at least. So, instead of writing some delete-later code to run PlayerPrefs.DeleteAll(), you can just create a simple registry file that you can click on whenever you want to clean up your machine. All you need to do is prefix the registry key of your project with a dash (-), and run the file.

Below is a sample file for Windows 8.1 - you'll need to alter the Registry Editor version at the top of the file if you're using any other version of Windows, but it should still work:

Windows Registry Editor Version 5.00 …

Why GUIDs Are a Bad Choice for SQL Server Key and Identity Columns

I've spent many years debating with my fellow developers across all manor of subjects (I do love to talk), but one subject that comes up time and time again is the usage of the UNIQUEIDENTIFIER data type in SQL Server; especially when they're used as identity and key columns. In fact, I see this more often than you would expect, and misconfigured UNIQUEIDENTIFIER columns can create "hidden" problems that can be difficult to discover and / or rectify, depending on the SQL experience throughout your team.
If you care to ask around your colleagues, it's almost guaranteed that you'll get multiple conflicting opinions on why you should or should not use GUIDs in SQL Server, but few developers actually realise the impact of such a design choice. In the interests of science, I'll try and keep this as factual as possible, and I'll focus on the topic at hand, rather than GUIDs / UUIDs in general.

Here's a list of common reasons for using a GUID in your da…