27 Jan 2017

Secure and practical passwords

Passwords are an essential part of life now, from carrying out the weekly shop, to accessing social media, to logging into your website. The problem with passwords is that many people use the same one multiple times, or use an insecure one which is easy to guess. We don’t have to wait long nowadays before we hear of yet another website where user details have been compromised. Most recently, Yahoo revealed in December that 1 billion user accounts had been breached, probably dating back to August 2013, making it the largest such security breach in history. Many other well-known and popular
24 Feb 2016

PHP 7 and the improvements to PHP 5

PHP is a website programming language. It’s the World Wide Web's most popular code, estimated to power over 80% of websites, including the likes of Facebook and Wikipedia. In December 2015, a major new version of PHP was released: PHP 7. PHP 7 is the first major upgrade to the language for more than decade. The main improvement is speed. PHP 7 is estimated to be around twice as quick as the previous version. It's also more memory efficient, using as little as half the amount of memory as before. There are also other benefits that programmers can use to enhance websites. However, there's one
27 Aug 2015

Should your website be encrypted?

When Google announced in August 2014 that it is now favouring sites that are entirely encrypted in search results, websites started switching, using the secure HTTPS protocol as default. Many sites already use encryption for key pages such as login or online purchases, but the new trend is to encrypt everything. Is this something your website should be doing? On 1st August 2014, HTTP Archive, a website which tracks trends in the World Wide Web, showed that 9% of web pages were encrypted. This figure jumped after Google’s announcement, and currently stands at 20%. One big reason behind this
26 Feb 2015

Extra security and speed with CloudFlare

Anyone running a website will be aware of a growing threat from malicious software, usually powered by networks of infected computers known as botnets. Vulnerabilities in software are increasingly targeted, and the numbers of distributed denial of service (DDoS) attacks on websites are estimated to have increased tenfold since 2009. I’ve been running websites for over 15 years, and I’ve seen first-hand how much growth there has been in this type of traffic. Checking the logs for most websites will reveal that a botnet has been testing for a vulnerability. Website security has never been so
17 Sep 2014

Unions & cloud-based services

Cloud-based services have been growing in popularity over the last few years. These services are delivered online and are usually paid for on an ongoing basis, with flexible pricing depending on the needs of the user. This usually results in lower costs and lower risks, combined with reliable and well-built software. While some unions are already using these services, their popularity will grow over the next few years. One cloud-based service that a number of unions are already using is MailChimp. This web-based application allows unions to email their members and can handle a huge number of
08 Nov 2011

Power of the Password

The recent News of the World phone hacking scandal illustrated how easy it can be to access poorly protected information. The investigators who hacked into the phones were not IT geniuses; they just exploited basic flaws in the caller ID and PIN systems. A few years back, a default PIN was provided for access to mobile messages – with the onus on the user to change it if they wanted to. Needless to say, many people never bothered to change this default PIN. Even when they did, it was often to an easy to guess number, like 1234 or 3333. While things have improved with mobile message security