Maciej Cegłowski has published a long, practical, insightful, and witty article on his experiences with political campaign security. He wisely focuses on a handful of steps to narrow the attack surface with the fewest tools and techniques.
This should be a Coursera course, or a series of short videos.
These are design patterns in the Christopher Alexander sense rather than the object oriented design sense: they address the physical and network environment rather than focusing on software abstractions. The patterns were introduced in my book Authentication.
There are four patterns: local, direct, indirect, and off-line.
Continue reading Design Patterns for Identity Systems