This article will not lecture you on all the various variations of what you can do, or what you shouldn’t do even if you are already doing it wrong. Or how other authentication methods are superior when the “password” is ubiquitous.
No, this article, rather, delivers a definitive technical guide on what you should be doing right now to store your passwords in your database.
If you are not storing passwords already then this article may not be for you.
Significantly improve JWT token security for your customers and you.
Including a System JWT Issuing Fingerprint within the JWT token could deliver you significant security improvements without any inconvenience to your users….
It’s a win, win… or if you don’t agree, let me know why!
If you’re creating a JWT token then you’re issuing it to someone and that means it was requested. The fingerprint of the requesting system is a much overlooked component in securing JWT tokens.
Requesting systems may be identified by a number of parameters: