WebApp Sec mailing list archives
Web App Security, Testing Checklist, Protecting Passwords
From: Paul Johnston <paj () pajhome org uk>
Date: Sun, 3 May 2009 23:26:14 +0700
Hi, I have just updated the security section of my web site; there's a couple of pages that may interest people on this list: A high-level overview of web application security: http://pajhome.org.uk/security/web.html Checklist for testing web apps: http://pajhome.org.uk/security/webchecks.html Also, for many years I have provided a JavaScript MD5 library. This can be used to perform challenge-response authentication, protecting passwords on sites that do not use SSL. I have recently approached some of the main web frameworks, to encourage them to implement this in their authentication library. http://pajhome.org.uk/crypt/md5/ I'd welcome any comments on the above. Best wishes, Paul
Current thread:
- Web App Security, Testing Checklist, Protecting Passwords Paul Johnston (May 04)