This link appeared in WDRL 150 on .
Troy Hunt: Website enumeration insanity: how our personal data is leaked
Troy Hunt wraps up how our personal data is usually leaked and why security is a design process, not only an implementation process. Also a good primer on how to design a password recovery feature.