Web Application Security: Passwords Checklist

Web Application Security Passwords Checklist

Web Application Security: Passwords Checklist is a guide to enforce password security best practices with your applications.

Web applications require multiple layers of security and  passwords still play an important role when securing your web application.

Web Application Security: Passwords Checklist

Set a minimum password length of 12 characters.

Set up to 64 characters as their passwords.

Allow users to change their passwords.

Require users to set passwords to a complexity match at least all of the following criteria: uppercase, lowercase, numbers, and symbols.

Store passwords using a secure hashing method when storing them at rest.

Allow users to use the full Unicode character set.

Allow for the full spectrum of characters.

Verify that the password registered or updated by my users aren't using a password found in the top 1,000 (or 10,000) breached passwords.

Display to the user a "password strength meter" showing them the strength or their passwords.

NOTES:

– Don’t force users to periodically rotate/change their passwords
– Allow users to paste, use the browsers password helper, and user password managers while using my application

Passwords checklist has been submitted to us by Geekmasher.

Tweet
Pin
Share
Share

Related Checklists

Tweet
Pin
Share
Share

Related Checklists

Louise

Louise
All Posts »

Leave a Reply

Team Checklists Made Easy

Get early access and find out how simple managing your team’s tasks can be

Get Early Access NOW
Getting Started
Support
Company
Instagram Pinterest Twitter Facebook-f Linkedin-in
CHECKIFY © 2019 All rights reserved
Close Menu
checkify checklist favicon
Menu
Sign In