Consumer Best Practices

From OWASP
Revision as of 17:36, 10 June 2016 by Jmanico

Potential OWASP Consumer Top Ten

Safe practices for consumers on the web.

Weak password handling

  • MFA
  • Password Manager
  • Strong Passwords
  • Password Synchronization
  • Security questions

Information Disclosure/Sensitive Data Exposure

  • Social Media
  • Pictures
  • Giving information away

Trusting Untrusted Sources (**This should be renamed**)

  • Untrusted Sources
  • WiFi
  • Use antivirus

Lack of Proper Encryption in Transit

  • Do Not Ignore SSL Warnings
  • Use Encryption

Lack of Proper Encryption at Rest

  • Encrypt PII
  • Don't store sensitive information unencrypted

Using Components with Known Vulnerabilities

  • Patch
  • Configure application settings for security