Attacking Session Management (Remediation)

Securing the Session:
1) Secure token
- random (UUID)
- long
- token protection   
    - never in URL
    - cookie flags
        - httponly
        - secure

2) Secure Session Handling
- new token at login/logout
- old session destroyed
- client and server session termination

3) Timeout
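
The three controls listed above combined in one server-side session store, as an added example (not from the original post). It uses Python's `secrets` module for the token rather than a UUID; the class and function names, the cookie name `sid`, and the idle and absolute timeout values are assumptions.

```python
import secrets
import time
from http.cookies import SimpleCookie

IDLE_TIMEOUT = 15 * 60        # assumed value: seconds of allowed inactivity
ABSOLUTE_TIMEOUT = 8 * 3600   # assumed value: maximum session lifetime

class SessionStore:  # hypothetical in-memory server-side store
    def __init__(self, clock=time.time):
        self._sessions = {}
        self._clock = clock

    def login(self, user, old_token=None):
        # Destroy the pre-login session so a fixated token is never promoted.
        self._sessions.pop(old_token, None)
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        now = self._clock()
        self._sessions[token] = {"user": user, "created": now, "seen": now}
        return token

    def validate(self, token):
        session = self._sessions.get(token)
        if session is None:
            return None
        now = self._clock()
        if (now - session["seen"] > IDLE_TIMEOUT
                or now - session["created"] > ABSOLUTE_TIMEOUT):
            del self._sessions[token]  # expired: remove server-side state
            return None
        session["seen"] = now
        return session["user"]

    def logout(self, token):
        self._sessions.pop(token, None)

def session_cookie(token, max_age=None):
    """Set-Cookie value: token travels only in a cookie, never in the URL."""
    cookie = SimpleCookie()
    cookie["sid"] = token
    cookie["sid"]["path"] = "/"
    cookie["sid"]["httponly"] = True   # not readable from page scripts
    cookie["sid"]["secure"] = True     # sent over HTTPS only
    if max_age is not None:
        cookie["sid"]["max-age"] = max_age
    return cookie["sid"].OutputString()

def expired_cookie():
    """Client-side termination: overwrite the cookie and expire it at once."""
    return session_cookie("", max_age=0)
```

On logout, call `logout()` and send `expired_cookie()` in the same response so the session ends on both the server and the client.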