Web Application Security: Passwords Checklist is a guide to enforce password security best practices with your applications.
Web applications require multiple layers of security and passwords still play an important role when securing your web application.
Web Application Security: Passwords Checklist
Set a minimum password length of 12 characters.
Set up to 64 characters as their passwords.
Allow users to change their passwords.
Require users to set passwords to a complexity match at least all of the following criteria: uppercase, lowercase, numbers, and symbols.
Store passwords using a secure hashing method when storing them at rest.
Allow users to use the full Unicode character set.
Allow for the full spectrum of characters.
Verify that the password registered or updated by my users aren't using a password found in the top 1,000 (or 10,000) breached passwords.
Display to the user a "password strength meter" showing them the strength or their passwords.
NOTES:
– Don’t force users to periodically rotate/change their passwords
– Allow users to paste, use the browsers password helper, and user password managers while using my application
Passwords checklist has been submitted to us by Geekmasher.
Related Checklists
Network Security Policies Checklist
Network Security Policies need to be created and implement to prevent and protect unauthorised intrusion into your network. Network security
Network Security Solutions Checklist
Security solutions that protect your network for a cyber security attack. All businesses whatever of size or industry requires a
Network Security Checklist
Network security is an essential part of modern business and might seem too complex but there are steps you can
Business Process Improvement:
Identifying Weak Processes and Fine-Tuning
Identify ways to improve your business operations.
Website Accessibility Checklist
Website accessibility checklist gives you some tips to guide you towards changes you can make so that your website can
Website Testing Checklist
Website testing can have a big impact on how well your new website performs. Sounds obvious but testing helps identify
Related Checklists
Network Security Policies Checklist
Network Security Policies need to be created and implement to prevent and protect unauthorised intrusion into your network. Network security
Network Security Solutions Checklist
Security solutions that protect your network for a cyber security attack. All businesses whatever of size or industry requires a
Network Security Checklist
Network security is an essential part of modern business and might seem too complex but there are steps you can
Business Process Improvement:
Identifying Weak Processes and Fine-Tuning
Identify ways to improve your business operations.
Website Accessibility Checklist
Website accessibility checklist gives you some tips to guide you towards changes you can make so that your website can
Website Testing Checklist
Website testing can have a big impact on how well your new website performs. Sounds obvious but testing helps identify
