Double Shot #1774

Rodauth - Full-featured authentication and account management framework for rack applications (not just Rails)
NIST's new password rules - what you need to know - A large part of what you need to know is that making your user's lives miserable does not necessarily correlate with improving security.
Webhooks do’s and dont’s: what we learned after integrating +100 APIs - Lots of advice here for when you're ready to move beyond REST.