You are on point re: facts leakage and this should be an important thought for any person rolling their own individual authentication/authorization scheme. +1 for mentioning OWASP. In response to the two hacktivists and climbing cybercrime, governments, huge firms and Laptop giants labored tricky to boost their programs. Cybersecurity industry http://pigpgs.com
