markdown guide

For security, at least store passwords hashed with salt and validate and escape all user inputs. Consider scanning for top vulnerabilities on the top of OWASP list, and use a canary token. None of which impacts usability.

For usability, I'd consider accessibility basics, such as minimum color contrast, minimum button size, etc.