Weekly Update 113

Bit of a change of scenery this week; I've gone to the other end of the house whilst invasive palm tree roots are water blasted out from beneath my office window as part of our garden renos. But hey, that's a nice place to be on a day like this ?

Other than the location, it's business as usual. There's been some interesting discussion on biometric this morning, I'm appealing to developers of extensions and add-ons to whitelist themselves when a CSP is present and I'm talking about Google's U2F implementation. That last one in particular has had a heap of traction so appears to have struck a bit of a chord. Checking out Google Analytics, it looks it made it to the front page of Hacker News and whilst I always take those comments with a grain of salt, it's nice to see it getting air time.

Listen on Apple Podcasts
Get it on Google Play
Download via RSS


  1. Let's retain some pragmatism when talking about biometric auth (that's a link to my Face ID piece from last year; still relevant today)
  2. We need to get extension and add-on developers whitelisting themselves in CSPs (not doing so breaks their tools and floods site owners with invalid reports)
  3. Google U2F implementation for 2FA is very slick! (particularly for the tech folks, you definitely want to get in on this)
  4. Netsparker is sponsoring my blog again this week (I've been a long-time fan of their work, check 'em out!)
Weekly update
Tweet Post Update Email RSS

Hi, I'm Troy Hunt, I write this blog, create courses for Pluralsight and am a Microsoft Regional Director and MVP who travels the world speaking at events and training technology professionals