TonyDS
Newcomer II

Website Security Design Resources

Hi All,

 

I'm trying to learn about user interactive web-design, from a security perspective.

 

Not just the obvious things like password length and complexity, but for example...

 

- different methods for setting up online user accounts for existing clients or customers

- types of username format (e.g., e-mail address or site-generated ID)

- various password reset mechanisms

 

Different websites may have different ways of performing these functions, dependent on whether security or convenience is uppermost.

 

Are there any resources or best practices available, which outline the common scenarios and solutions?

 

Thanks for reading...
1 Reply
JoePete
Advocate I

Try anything and everything you can find from OWASP:

https://www.owasp.org/
 
They have a lot of resources, including vulnerability scanners. The specific cases you list (setting up user accounts, username format, password reset) are fairly broad. I'd suggest you invest a little time first in studying database design, which might have an influence in all those areas. Security is a function of quality. Build it right and you have a good chance at making it secure. Build it haphazardly and all bets are off.