Security best practices

See also Secure Coding

Storing passwords

Web application security

Tools