Blog

Discover best practices for secure information sharing, learn essential privacy tips, and stay up-to-date with the latest Onetime Secret features. Our blog is your trusted resource for mastering one-time, self-destructing message delivery.
Operations

Denial of Service (DoS) Attack: Day 5

Continued from the previous post (Sept 12th, 2024): Denial of Service (DoS) Attack: Continued Adventure.
Delano
Operations

Denial of Service (DoS) Attack: Continued Adventure

Continued from the previous post (Sept 9th, 2024): Denial of Service (DoS) Attack: A brief summary.
Delano
Operations

Denial of Service (DoS) Attack: A brief summary

See the follow-up posts:
Delano
Privacy

Support for ASCII QR Codes

With a few improvements to our UI, particularly in regards to font rendering, we now support ASCII QR codes. Actually UTF-8, but no one says "UTF-8 Art". Or maybe they do now and I'm just way behind. In any case, we now support ASCII and UTF-8 QR codes.
Delano
Mistakes were made

A verifiable error in our signup flow

I introduced a bug that prevented new users from verifying their accounts. Verification emails went out fine but the link wasn't setting the `verified` flag on the account record.
Delano
Privacy

Data Privacy Regulations: A New Framework for UI Design

The current landscape of user interface design faces challenges similar to those of the late 1990s. Dial-up speeds, small screens (desktop included), and limited browser capabilities were the constraints of that era. Today's constraints, however, are not technical limitations but data privacy regulations like GDPR and CCPA. These regulations provide an opportunity to improve UI design.
Delano
Product

UI/UX Updates - September '24

Some recent updates. I'm still working on the new design, moving the UI from purely old-school, server-rendered mustache templates to Vue 3 components. I've been making some incremental improvements here and there.
Delano
Product

So the custom font was a whoopsies

So the new design has been up for about a month now. In my rush to get it out, I forgot to check the custom font in Safari. It's not loading. It's a bit of a whoopsies. I'm not sure what's going on. I'll have to look into it.
Delano
Onetime

Open-Source First Development Model

At Onetime Secret, we believe in transparency and community-driven development. Our open-source first approach ensures that all new features and improvements benefit our entire user base, from individual developers to enterprise customers. This post outlines our development model, its benefits, and how it shapes our business strategy.
Delano
Privacy

Privacy Policy Update (June 2024)

When we first launched in 2012, we never anticipated the widespread use and trust that our platform has gained over the years. To put it simply, we've been really fortunate to have a product that people have stuck with for more than a decade.
Delano
Best-Practices

Copying server data from the command-line, safely

Many times I've found myself in a situation where I need to get a little bit of data on to or off of a server somewhere. Copy & paste works in some cases but not always. Another option is a service like Pastebin, but it's not cool for sensitive info like config files because you can easily forget to delete them when you're done.
Delano
Onetime

Onetime Secret is Now Opensource

Keep sensitive info out of your email & chat logs.
Delano
Onetime

Major UI update (with mobile support)

I worked on a new UI over the weekend and pushed it live today. Thanks to Twitter's Bootstrap v2 framework it's cleaner, easier to use, and works great on small (mobile) screens too. Here are a couple comparisons (old vs new):
Delano
Best-Practices

Protecting your credentials from criminals

C
Best-Practices

'Good' vs 'Strong' passwords

One of my pet peeves about security is people who advocate for 'strong' passwords. Everyone knows these people; they're the tech support person who tells you your password must have a minimum number of characters that you only use when censoring expletives. Even worse, some of them use a random password generator to assign a password to you that you're unable to change. The argument for this is that if you have a wider range of characters in your password, you have greater entropy and therefore it is harder for your password to be hacked. While there is some truth to that, there are numerous flaws in the logic when using it to determine a good security policy:
C
Tools

New API client library: Perl

We now have a Perl client library for our API thanks to Kyle Dawkins. The code is available on GitHub and CPAN. Here's an example:
Delano