Difference between revisions of "Establish secure defaults"
| Line 2: | Line 2: | ||
{{Template:Stub}} | {{Template:Stub}} | ||
| + | |||
| + | {{Template:Principle}} | ||
| + | |||
| + | Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}''' | ||
<br> | <br> | ||
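Review bot: The added "Last revision (mm/dd/yy)" label does not match what the three magic words produce; the rendered page shows 09/7/2008, with an unpadded day and a four-digit year. Either change the label to describe the actual output, or use the zero-padded {{REVISIONDAY2}} for the day and write the year part of the label as yyyy.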
| Line 8: | Line 12: | ||
| − | == | + | ==Description== |
There are many ways to deliver an “out of the box” experience for users. However, by default, the experience should be secure, and it should be up to the user to reduce their security – if they are allowed. | There are many ways to deliver an “out of the box” experience for users. However, by default, the experience should be secure, and it should be up to the user to reduce their security – if they are allowed. | ||
For example, by default, password aging and complexity should be enabled. Users might be allowed to turn these two features off to simplify their use of the application and increase their risk. | For example, by default, password aging and complexity should be enabled. Users might be allowed to turn these two features off to simplify their use of the application and increase their risk. | ||
| + | |||
| + | |||
| + | ==Examples== | ||
| + | |||
| + | ===Short example name=== | ||
| + | : A short example description, small picture, or sample code with [http://www.site.com links] | ||
| + | |||
| + | ===Short example name=== | ||
| + | : A short example description, small picture, or sample code with [http://www.site.com links] | ||
| + | |||
| + | |||
| + | ==Related [[Vulnerabilities]]== | ||
| + | |||
| + | * [[Vulnerability 1]] | ||
| + | * [[Vulnerabiltiy 2]] | ||
| + | |||
| + | |||
| + | ==Related [[Controls]]== | ||
| + | |||
| + | * [[Controls 1]] | ||
| + | * [[Controls 2]] | ||
| + | |||
| + | |||
| + | ==References== | ||
| + | |||
| + | * http://www.link1.com | ||
| + | * [http://www.link2.com Title for the link2] | ||
| + | |||
| + | |||
| + | __NOTOC__ | ||
| + | |||
| + | ==Overview== | ||
| + | |||
[[Category:Principle]] | [[Category:Principle]] | ||
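Review bot: The added Examples, Related Vulnerabilities, Related Controls and References sections are still unfilled template placeholders ("Short example name", [[Vulnerability 1]], http://www.link1.com), and [[Vulnerabiltiy 2]] is misspelled. Fill them with real content or leave the sections out until there is something to link to. The ==Overview== heading added after __NOTOC__ at the end has no content under it and should be dropped as well.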
Revision as of 12:36, 7 September 2008
This is a principle or a set of principles. To view all principles, please see the Principle Category page.
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.
Last revision (mm/dd/yy): 09/7/2008
Description
There are many ways to deliver an “out of the box” experience for users. However, by default, the experience should be secure, and it should be up to the user to reduce their security – if they are allowed.
For example, by default, password aging and complexity should be enabled. Users might be allowed to turn these two features off to simplify their use of the application, at the cost of increased risk.
Examples
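The password-policy case from the description, as an added example that is not part of the original wiki page: settings start from secure defaults, and a user override that weakens one is honoured only if an administrator has explicitly allowed it. The field names, the 90-day value and the `may_weaken` parameter are assumptions made for this illustration.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class PasswordPolicy:
    # Assumed illustrative settings; both protections are ON out of the box.
    complexity_required: bool = True
    max_age_days: int = 90  # 0 would mean passwords never expire


DEFAULTS = PasswordPolicy()


def _weakens(name, value):
    """True if the requested value is less secure than the shipped default."""
    if name == "complexity_required":
        return value is not True
    # Aging: switching it off (0) or lengthening the interval is weaker.
    return value == 0 or value > DEFAULTS.max_age_days


def resolve(overrides, may_weaken=frozenset()):
    """Return (effective policy, weakened settings applied, rejected settings)."""
    policy, weakened, rejected = DEFAULTS, [], []
    for name, value in overrides.items():
        expected = type(getattr(DEFAULTS, name, None))
        malformed = type(value) is not expected or (expected is int and value < 0)
        if not hasattr(DEFAULTS, name) or malformed:
            rejected.append(name)  # unknown or malformed: keep the default
            continue
        if _weakens(name, value):
            if name not in may_weaken:
                rejected.append(name)  # user is not allowed to reduce this
                continue
            weakened.append(name)  # allowed, but recorded for audit
        policy = replace(policy, **{name: value})
    return policy, weakened, rejected


if __name__ == "__main__":
    # Constructed sample input: a user asks to turn both protections off.
    request = {"complexity_required": False, "max_age_days": 0}
    print(resolve(request))                                      # nothing allowed
    print(resolve(request, may_weaken={"complexity_required"}))  # one allowed
```

Overrides that strengthen a setting, such as a shorter password age, are applied without needing permission.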
Related Vulnerabilities
Related Controls
References