Confirmed users
81
edits
WebAppSec/Secure Coding Guidelines: Difference between revisions
WebAppSec/Secure Coding Guidelines (view source)
Revision as of 16:23, 1 September 2011
, 1 September 2011→Email Change and Verification Functions
| Line 69: | Line 69: | ||
=== Email Change and Verification Functions === | === Email Change and Verification Functions === | ||
Email verification links should not provide the user with an authenticated session. | Email verification links should not provide the user with an authenticated session. | ||
Email verification codes must expire after 8 hours. | Email verification codes must expire after 8 hours. | ||