Sunday, July 7, 2013

Security Checklist for Login Module

While a programmer is proceeding towards architecture of login module design and development, following checklist is quite important not only in terms of security but also to avoid frequent updation in the architecture of login system.

  1. On password reset, all Login Remember must be removed automatically 
  2. On password reset, user must be notified on his mail that his/her password has been reset.
  3. On logout, blockage of pressing backward and again sending login credential information must be taken care.
  4. User can check remember me option, but a special variable must be saved instead of password or user id as cookie in the browser. 
  5. User can be asked to enter password of at least 6 characters.
  6. After a gap of few months users can be prompted to update their password credentials based on their record over the frequency of invalid password entries.
While sending login details to the user, the data must be sent as POST method. When a login credentials are being sent using normal post method, it is necessary to disable back button or clear previous history.

However with the usage of ajax post method, this browser security mishaps are easily avoidable.

Posted by Ravi Saxena at 12:02:00 PM
Labels:

4 comments:

  1. AnonymousJuly 10, 2013 at 5:18 AM

    I lοve уour blog.. veгy nice сolorѕ
    & theme. Did you design this website yourself or ԁid
    yοu hire ѕomеone tο do it foг уou?
    Plz responԁ as ӏ'm looking to create my own blog and would like to find out where u got this from. many thanks

    Feel free to surf to my web blog; Gazete köşe yazıları

    ReplyDelete
  2. AnonymousSeptember 24, 2013 at 9:30 AM

    Does your website have a contact page? I'm having a tough time locating it
    but, I'd like to shoot you an email. I've got some ideas for your blog you might
    be interested in hearing. Either way, great site and
    I look forward to seeing it develop over time.


    My web site ... microsoft point gratuit 2012

    ReplyDelete
  3. AnonymousFebruary 1, 2014 at 8:32 PM

    Hi, I do believe this is a great website. I stumbledupon it ;) I will come
    back yet again since I saved as a favorite it. Money and freedom is
    the greatest way to change, may you be rich and continue
    to help others.

    Also visit my blog Farmville 2 cheats

    ReplyDelete
  4. AnonymousMay 12, 2014 at 2:41 PM

    I know this web page provides quality depending articles or reviews and other
    stuff, is there any other site which offers these kinds of things in
    quality?

    Take a look at my web site

    ReplyDelete

Subscribe to: Post Comments (Atom)