This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Authentication Cheat Sheet
From OWASP
Introduction
Authentication is ....
Session Management is ...
For more information on Authentication, please see the OWASP Guide_to_Authentication) page.
Authentication General Guidelines
Password Strength
Password Recovery
Multi-Factor Authentication
Password Transmission
Login Failure & Lockout
Session Management General Guidelines
Session ID Transport (HTTP & SSL)
Session ID's
Session Validation & Invalidation
Caching & Privacy
Cookie Security
OWASP Cheat Sheets Project Homepage
References
Authors and Primary Editors
Eoin Keary eoinkeary[at]gmail.com