Users are humans, so they have memory problems like everyone. Thus, they happen to forget their password from time to time. The purpose of this article is to show how to give them back access to your application. If it's not clear, the post is about what to do when a user clicks on the submit button on this page: ❌ Resend password by email If you are considering this solution, you are not storing… [read more]

A password is a very sensitive piece of information. It allows a user to authenticate on an application. You should not store it like any other data. We often see news indicating that passwords have leaked. This has happened to LinkedIn, Adobe, 500px and unfortunately many more. So you have to make sure that such incidents cannot happen in your applications. Indeed, you are responsible for your data. In… [read more]

Cryptography is a very important thing for information security. Information security is composed of 4 parts: Integrity: ensure a document is not altered Confidentiality: ensure only authorized people can read a document Authentication: ensure the document was written by an identified person Non-Repudiation: prove who/where a document came from as well as the authenticity of that message, so the sender… [read more]

I am the author of the Meziantou.Analyzer, an open-source Roslyn analyzer that ensures the code you write follow some good practices in term of design and performance. This analyzer is published as a Visual Studio extension on the marketplace and as a NuGet package. As I regularly update this project, I want the changes to be published quickly on the marketplace and on NuGet. Of course I don't want to do… [read more]

When using system handles such as file handles, process handles, or any other handles provided by the kernel, you should take care to release them correctly when you don't need them anymore. The native APIs often provides a method to get a handle and a method to release it, plus sometimes a few methods to work with the resource. For instance, you can get a file handle using the method CreateFile, release… [read more]

From the .NET documentation of Regex, \d matches any decimal digit. The signification of a "decimal digit" depends on the options of the regex: Without RegexOptions.ECMAScript (default): \d means \p{Nd}, e.g. any character from the Unicode category "Decimal digit" With RegexOptions.ECMAScript: \d means [0-9] The Unicode category "Decimal digit" contains characters such as 0, 1 or 2 but also characters… [read more]

FontAwesome contains thousands of icons, but you often use a very small subset of those icons. For instance, I only use 15 icons on this website. So, why do you want your visitors to download hundreds of icons they won't use. One solution is to create a custom bundle that contains only the icons you actually use. You can reduce the bundle size from a few hundred kB to a few kB (6kB on this website).… [read more]

In a previous post about performance tricks about strings, some of you mentioned they didn't know about the performance impact of captured variables in lambda expressions. So, let's see another example with the ConcurrentDictionary<TKey, TValue>. The class ConcurrentDictionary<TKey, TValue> is often use for caching data, so you want it to be as fast as possible. In this usage, you mainly use 3 methods:… [read more]

Comparing strings is different from comparing numbers. 2 numbers are equal if their values are identical. For instance 1 is equal to 1, and 1 is not equal to 2. That's trivial. When it comes to string, things are different. For instance, do you want a case-sensitive comparison? What about the different ways to write the same letter. For instance, the letter ß is common in German, but it's also possible to… [read more]

I've created a pull request on the ASP.NET Core repository. At the beginning, the changes were just about changing the unsafe code (char*) for stackalloc to a safe version with Span<T>. So, it was a very small change. During the review, Oleksandr Kolomiiets, Günther Foidl, and David Fowler have suggested a few additional changes to improve the performance. Thank you very much for taking the time to review… [read more]