The Copenhagen Book

A pretty good resource on avoiding common security issues when it comes to implementing authentication.