Background
Some flaws can't be patched — they're built into the design. A password-reset flow with no rate limiting. A checkout that trusts the price the browser sends.
Questions to ask yourself
- Before we built the site, did anyone do threat modelling?
- Did we test rapid password resets, brute-force logins, repeated card attempts?
- Are limits in place on logins, password resets, account creation?
- Does the system trust data the browser sends?
For owners — questions to ask your developer
Questions to ask your developer
Design flaws are the most expensive to fix after launch. Ask now.
- 01“What threat modelling did we do before building this? What does an attacker try?” A blank look here means none was done.
- 02“What rate limits are in place on logins, password resets, account creation, contact forms?”
- 03“Does the system trust prices, user IDs, or role flags the browser sends — or are these always re-checked server-side?”