Difference between revisions of "Establish secure defaults"

From OWASP
 
(2 intermediate revisions by one user not shown)
Line 2: Line 2:
  
 
{{Template:Stub}}
 
{{Template:Stub}}
 
{{Template:Principle}}
 
  
 
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
 
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
Line 9: Line 7:
 
<br>
 
<br>
 
[[Category:OWASP ASDR Project]]
 
[[Category:OWASP ASDR Project]]
[[ASDR Table of Contents]]__TOC__
 
  
  
Line 47: Line 44:
  
 
__NOTOC__
 
__NOTOC__
 
==Overview==
 
  
  
 
[[Category:Principle]]
 
[[Category:Principle]]

Latest revision as of 07:29, 7 April 2009

This is a principle or a set of principles. To view all principles, please see the Principle Category page.

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.


Last revision (mm/dd/yy): 04/7/2009



Description

There are many ways to deliver an “out of the box” experience for users. However, by default, the experience should be secure, and it should be up to the user to reduce their security – if they are allowed.

For example, password aging and complexity should be enabled by default. Users might be allowed to turn these two features off to simplify their use of the application, at the cost of increasing their risk.
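
One way to implement the password aging and complexity case above, as an added example that is not part of the OWASP article. The names `PasswordPolicy`, `apply_overrides` and `allow_weakening`, and the numeric values, are assumptions made for illustration.

```python
from dataclasses import dataclass, fields, replace


@dataclass(frozen=True)
class PasswordPolicy:
    # Out-of-the-box values: both features on. Numbers are constructed.
    aging_enabled: bool = True
    max_age_days: int = 90
    complexity_enabled: bool = True
    min_length: int = 12


def _weakens(name, default, new):
    """True when `new` is less strict than the shipped default."""
    if isinstance(default, bool):
        return default and not new   # switching a protection off
    if name == "max_age_days":
        return new > default         # longer password lifetime
    return new < default             # e.g. shorter minimum length


def apply_overrides(overrides, allow_weakening=False):
    """Merge user settings over the secure defaults.

    Returns (policy, weakened): weakened names every setting the user
    relaxed, so it can be logged or shown in the admin UI.
    """
    defaults = PasswordPolicy()
    known = {f.name for f in fields(PasswordPolicy)}
    weakened = []
    for name, value in overrides.items():
        if name not in known:
            raise KeyError(f"unknown setting: {name}")
        default = getattr(defaults, name)
        if type(value) is not type(default):
            raise TypeError(f"{name} must be {type(default).__name__}")
        if _weakens(name, default, value):
            if not allow_weakening:
                raise PermissionError(f"{name}: weakening not permitted")
            weakened.append(name)
    return replace(defaults, **overrides), sorted(weakened)
```

An empty override set yields the secure policy, stricter values are always accepted, and relaxing a setting succeeds only when the deployment explicitly permits it.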


Examples



Related Vulnerabilities


Related Controls


References