1. Enjoy this blog? My new book, ASP.NET Core in Action, Second Edition is available now, and supports .NET Core 3.1!
2. Preventing mass assignment or over posting with Razor Pages in ASP.NET Core

   Mass assignment or over-posting is something to bear in mind when building ASP.NET Core apps. In this post I discuss how to stay safe when using Razor Pages…

   April 28, 2020 in ASP.NET Core Security Razor Pages
3. Adding simple email address obfuscation for your blog like Cloudflare Scrape Shield

   In this post I show a simple way to obfuscate email addresses to make it harder for bots to scrape them from your site, similar to Cloudflare Scrape Shield.…

   April 21, 2020 in Front End Security
4. Safely migrating passwords in ASP.NET Core Identity with a custom PasswordHasher

   In this post I create a custom IPasswordHasher implementation that can be used in ASP.NET Core Identity to migrate from weak hashes like MD5 or SHA1.…

   May 07, 2019 in ASP.NET Core ASP.NET Core 2.0 ASP.NET Core Identity Security
5. Secure secrets storage for ASP.NET Core with AWS Secrets Manager (Part 2)

   In this post I show how to control which secrets are loaded from AWS Secrets Manager when your ASP.NET Core app start.…

   December 06, 2018 in ASP.NET Core Security Configuration AWS
6. Secure secrets storage for ASP.NET Core with AWS Secrets Manager (Part 1)

   In this post I show how you can store your ASP.NET Core secrets securely in AWS Secrets Manager and load them at runtime into the .NET Core configuration…

   December 04, 2018 in ASP.NET Core Security Configuration AWS
7. Implementing custom token providers for passwordless authentication in ASP.NET Core Identity

   In this post I show how to create 2 custom token providers for ASP.NET Core Identity, so that you can implement passwordless login with a short token expiry…

   April 10, 2018 in ASP.NET Core ASP.NET Core Identity Auth Security