This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Consumer Best Practices"

From OWASP
(Created page with "= Potential OWASP Consumer Top Ten = Safe practices for consumers on the web. == Weak password handling == - MFA - Password Manager - Strong Passwords - Password Synchroniza...")
 
Line 4: Line 4:
  
 
== Weak password handling ==
 
== Weak password handling ==
- MFA
+
* MFA
- Password Manager
+
* Password Manager
- Strong Passwords
+
* Strong Passwords
- Password Synchronization
+
* Password Synchronization
- Security questions
+
* Security questions
  
 
==Information Disclosure/Sensitive Data Exposure==
 
==Information Disclosure/Sensitive Data Exposure==
- Social Media
+
* Social Media
- Pictures
+
* Pictures
- Giving information away
+
* Giving information away
  
 
==Trusting Untrusted Sources (**This should be renamed**)==
 
==Trusting Untrusted Sources (**This should be renamed**)==
- Untrusted Sources
+
* Untrusted Sources
- WiFi
+
* WiFi
- Use antivirus
+
* Use antivirus
  
 
==Lack of Proper Encryption in Transit==
 
==Lack of Proper Encryption in Transit==
- Do Not Ignore SSL Warnings
+
* Do Not Ignore SSL Warnings
- Use Encryption  
+
* Use Encryption  
  
 
==Lack of Proper Encryption at Rest==
 
==Lack of Proper Encryption at Rest==
- Encrypt PII
+
* Encrypt PII
- Don't store sensitive information unencrypted
+
* Don't store sensitive information unencrypted
  
 
==Using Components with Known Vulnerabilities==
 
==Using Components with Known Vulnerabilities==
- Patch
+
* Patch
- Configure application settings for security
+
* Configure application settings for security
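Review bot: The heading "Trusting Untrusted Sources (**This should be renamed**)" is carried through this revision unchanged, so the open rename remark and its `**` markers stay in the section title, where the rendered revision shows the asterisks literally. Since this edit is already cleaning up markup, settle the section name here or move the remark out of the heading; if it has to stay for now, use wiki bold (`'''This should be renamed'''`) instead of `**`. A smaller point in the same pass: the new "* Use Encryption" line keeps the trailing spaces of the line it replaces, which can be trimmed.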

Revision as of 17:36, 10 June 2016

Potential OWASP Consumer Top Ten

Safe practices for consumers on the web.

Weak password handling

  • MFA
  • Password Manager
  • Strong Passwords
  • Password Synchronization
  • Security questions

Information Disclosure/Sensitive Data Exposure

  • Social Media
  • Pictures
  • Giving information away

Trusting Untrusted Sources (**This should be renamed**)

  • Untrusted Sources
  • WiFi
  • Use antivirus

Lack of Proper Encryption in Transit

  • Do Not Ignore SSL Warnings
  • Use Encryption

Lack of Proper Encryption at Rest

  • Encrypt PII
  • Don't store sensitive information unencrypted

Using Components with Known Vulnerabilities

  • Patch
  • Configure application settings for security