WebAppSec/Secure Coding Guidelines: Difference between revisions

===Password Rotation===
Password rotation has proven tricky in practice and should only be required when the application lacks monitoring and there is a mitigating reason to rotate, such as short passwords or a lack of other password controls.
* Privileged accounts - Passwords for privileged accounts should be rotated every 90 to 120 days.
* General user accounts - Password rotation is also recommended for general user accounts where possible.