Consumer Best Practices

Revision as of 17:36, 10 June 2016 by Jmanico

Potential OWASP Consumer Top Ten

Safe practices for consumers on the web.

Weak password handling

  • MFA
  • Password Manager
  • Strong Passwords
  • Password Synchronization
  • Security questions

Information Disclosure/Sensitive Data Exposure

  • Social Media
  • Pictures
  • Giving information away

Trusting Untrusted Sources (**This should be renamed**)

  • Untrusted Sources
  • WiFi
  • Use antivirus

Lack of Proper Encryption in Transit

  • Do Not Ignore SSL Warnings
  • Use Encryption

Lack of Proper Encryption at Rest

  • Encrypt PII
  • Don't store sensitive information unencrypted

Using Components with Known Vulnerabilities

  • Patch
  • Configure application settings for security