The API Guys

Stop Changing Your Passwords (And What to Do Instead)

Tags: Security, Passwords, MFA, Best Practices, Quick Bytes

If your organisation still enforces 90-day password expiry policies, or you personally make a point of regularly rotating your passwords, it is time to revisit that habit. Frequent password changes are no longer considered best practice - and have not been for some time.

What the Guidance Actually Says

The US National Institute of Standards and Technology (NIST) updated their digital identity guidelines to recommend against routine, periodic password changes unless there is evidence of compromise. The UK's National Cyber Security Centre (NCSC) reached the same conclusion, noting that forcing users to change passwords regularly tends to produce weaker passwords, not stronger ones. People respond to rotation policies by appending numbers, cycling through predictable variations, or writing passwords down - all of which reduce security rather than improving it.

The NCSC's position is clear: a long, strong password that is not regularly changed is preferable to a shorter password that gets updated every quarter and follows an obvious pattern.

The Right Approach to Passwords

Rather than worrying about when you last changed a password, focus on what those passwords are and how they are protected.

The model worth adopting is straightforward. Use one strong, unique password to unlock your machine - something lengthy and memorable that you have not used anywhere else. Use a separate strong, unique password to access your password manager. Then let the password manager handle everything else, generating and storing a unique credential for every service you use. You no longer need to remember any of them, and you no longer need to rotate them on a schedule.

The only time you should change a password is when there is a specific reason to do so - a known breach, suspected compromise, or a service notifying you that your credentials may have been exposed.
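To make the policy above concrete, here is an added Python example (not from the original post) of a NIST-style check: a candidate password is screened for length and for presence in breach data, and a change is forced only on evidence of compromise, never on age. The breach corpus, its counts and the 12-character minimum are constructed assumptions; the prefix/suffix split is modelled on the k-anonymity range lookup used by Have I Been Pwned's Pwned Passwords service.

```python
import hashlib

def sha1_prefix_suffix(password: str) -> tuple[str, str]:
    """Split the upper-case hex SHA-1 of the password into a 5-char prefix
    and the 35-char remainder (the k-anonymity split used by Pwned Passwords)."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

# Constructed corpus of known-breached passwords with made-up breach counts.
# A real deployment would query a breach service for the prefix; this index
# stands in for that service so the example runs offline.
_BREACHED = {"password123": 123456, "Winter2024!": 874, "letmein": 99000}

def _build_range_index(corpus: dict[str, int]) -> dict[str, list[str]]:
    index: dict[str, list[str]] = {}
    for pw, count in corpus.items():
        prefix, suffix = sha1_prefix_suffix(pw)
        index.setdefault(prefix, []).append(f"{suffix}:{count}")
    return index

RANGE_INDEX = _build_range_index(_BREACHED)

def breach_count(password: str) -> int:
    """Look up only the 5-char prefix, then match the suffix locally, so the
    full hash never leaves the client. Returns 0 when the password is unseen."""
    prefix, suffix = sha1_prefix_suffix(password)
    for line in RANGE_INDEX.get(prefix, []):
        candidate, count = line.split(":")
        if candidate == suffix:
            return int(count)
    return 0

MIN_LENGTH = 12  # assumed local policy value; NIST's floor is 8 characters

def evaluate_password(password: str) -> list[str]:
    """NIST-style screening: length and breach-corpus check, no composition
    rules and no expiry. An empty list means the password is acceptable."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    hits = breach_count(password)
    if hits:
        problems.append(f"seen {hits} times in breach data")
    return problems

def must_change(days_since_change: int, password: str, suspected_compromise: bool = False) -> bool:
    """Rotation decision. The age is accepted only to make the point explicit:
    it is never consulted; only evidence of compromise forces a change."""
    return suspected_compromise or breach_count(password) > 0

if __name__ == "__main__":
    for pw in ("password123", "correct horse battery staple"):
        print(pw, "->", evaluate_password(pw) or "ok")
    print(must_change(400, "correct horse battery staple"))  # False: old, but not compromised
```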

Pair Strong Passwords With MFA

The most important layer you can add on top of a strong password is multi-factor authentication. An attacker who somehow obtains your password still cannot access your account if MFA is in place. That protection is worth far more than any rotation cycle.

We covered 2FA, MFA, and passkeys in detail in our post Beyond the Password: Understanding 2FA, MFA, and Passkeys. If you have not read it yet, that is the logical next step after getting your password hygiene in order.

A Practical Summary

  • Use a strong, unique password for your machine login - do not reuse it anywhere else.
  • Use a different strong, unique password for your password manager.
  • Let your password manager generate unique credentials for every service.
  • Enable MFA on every account that supports it, prioritising email and financial services.
  • Only change a password if there is evidence it has been compromised.

The goal is not to make password management burdensome - it is to make it effective. Fewer, stronger credentials paired with MFA will protect you significantly better than an exhausting rotation schedule that encourages shortcuts.
