Recently I worked on a feature allowing users to change their password once logged into an application. During this there was a very interesting discussion about what security should surround such a feature. This lead me to write this post sharing my thoughts on security once a user is logged into your app. The main security […]