Hacker News
by bmelton 4599 days ago
If I were limited to the one most important thing, it would be "How to handle user credentials and data securely."

Your app can fuck up a LOT of things, and maybe you'll lose users, or maybe you'll lose market share... but the one thing you shouldn't lose is user data.

2 comments

It's interesting that you mention this, because I hadn't even considered it. This is especially important advice given the insane number of privacy issues going on these days.

Thanks!

No problem. I might not have even thought about it if not for another recent discussion I'd been having about authentication and permissions.

Long and short of it, GitHub is screwing me over by not letting me get fewer permissions, and I won't release an app that takes more permissions than it needs. It's quite the quandary, really.

Rather than focus on only one aspect of security, you would be better off becoming familiar with everything related to OWASP (https://www.owasp.org/index.php/Main_Page), and in particular, you should know how to address their Top 10 Threats.