Difference between revisions of "Talk:OWASP Application Security FAQ"

From OWASP
Jump to: navigation, search
(added md5 hashing discussion)
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
I feel that this page/article should be renamed to "OWASP Application Security FAQ". The complete form is usually preferred in Wikipedia articles and it does make the page title more readable and probably more search engine friendly. --[[User:Varunvnair|Varunvnair]] 23:19, 2 July 2006 (EDT)
 
I feel that this page/article should be renamed to "OWASP Application Security FAQ". The complete form is usually preferred in Wikipedia articles and it does make the page title more readable and probably more search engine friendly. --[[User:Varunvnair|Varunvnair]] 23:19, 2 July 2006 (EDT)
 +
 +
== Need for more questions and answers ==
 +
 +
I think more questions and answers should be included into the OWASP Application Security FAQ. This requires contribution from other readers. If an answer needs clarification, please mention it in 'Discussion'.
 +
 +
== SSL Could Use a Refresh ==
 +
 +
The "SSL" sections here are getting pretty dated.  For example, there's no mention of "AES" or "SHA1" and the only mentioned symmetric key bit lengths are 40 and 128. ''[[User:Jlampe|Jlampe]] 09:35, 23 February 2009 (EST)''
 +
 +
== MD5 Password Hashing ==
 +
 +
The FAQ talks about hashing passwords with MD5. I believe bcrypt is the current accepted standard.  ''[[User:Ryan Dewhurst|Ryan Dewhurst]] 22:02, 22 March 2013 (GMT)''

Revision as of 16:03, 22 March 2013

I feel that this page/article should be renamed to "OWASP Application Security FAQ". The complete form is usually preferred in Wikipedia articles and it does make the page title more readable and probably more search engine friendly. --Varunvnair 23:19, 2 July 2006 (EDT)

Need for more questions and answers

I think more questions and answers should be included into the OWASP Application Security FAQ. This requires contribution from other readers. If an answer needs clarification, please mention it in 'Discussion'.

SSL Could Use a Refresh

The "SSL" sections here are getting pretty dated. For example, there's no mention of "AES" or "SHA1" and the only mentioned symmetric key bit lengths are 40 and 128. Jlampe 09:35, 23 February 2009 (EST)

MD5 Password Hashing

The FAQ talks about hashing passwords with MD5. I believe bcrypt is the current accepted standard. Ryan Dewhurst 22:02, 22 March 2013 (GMT)