Having your program hacked sucks. The sad truth is though, if you put a program out there, someone will try to find a way to hack it. Especially if there is a prize on the other side.
2FA: The Rise of Two-Factor Auth
Prison Theory of Web Development Security
The OWASP Top 10 and You
Password Storage (And Hacking) in PHP