This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Talk:Consumer Best Practices

Revision as of 02:37, 14 June 2016 by Jmanico (talk | contribs) (jims notes)

Jump to: navigation, search

Consider where the following fits:

- Don't run unecessary services (Jim: how can we make this consumer-accessable? Dont use unnecessary software or services?)


- Password protect all devices (Jim: I like, suggested stronger beyond default - like iOS defaults are weak)

- Don't remember wifi networks (Jim: Might not be top ten worthy, but I agree. For myself I say "use whatever, but with a VPN")

- Use an inactivity timeout to lock devices (Jim: I like, we might want a generic device top ten item that covers this and others)

- Do not leave mobile devices unattended in public places (Jim: Yes!)

- Encrypt mobile devices (Jim: Yes! But they are doing that by default these days)

- Learn to recognize threats (Jim: Filed under dont click on stuff?)

- Do not mindlessly reply to popup windows (Jim: Agreed, see threat recognition?)

- Review credit reports and online accounts (Jim: Credit monitoring?)

- Use personal firewall (Jim: OS level enough?)