Sharing insights on web development, security, and tools
Can MD5 still be used? Should passwords use SHA-256? bcrypt or Argon2? This guide uses real breach incidents to map every hash algorithm to the scenarios it suits — and to show which mistakes you absolutely must avoid.
AES or ChaCha20? RSA or Ed25519? When do you reach for digital signatures versus HMAC? This guide draws a single decision tree across the four core primitives of modern cryptography, with five mistakes every developer eventually makes.
JWT solves stateless authentication in a single string — and brings a whole catalogue of security pitfalls with it. This guide walks through the three-part structure, alg=none attacks, key leakage, refresh token design, and everything you actually need to know to use JWT in production.