User Account Best Practices
Let’s say, hypothetically, that I wanted to create a “user account” feature for an app.
Where should I go to read up on best practices for safely storing the user’s password on the backend?
I’ve found this to be a good guide.
You should definitely have a look at PAKE.
This is also a great post about it, but it's pretty long, so nice reading material :)
1 Comment
March 29, 2019 1:42 PM
I always look at the OWASP page. Here's their cheatsheet on Authentication: https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Authentication_Cheat_Sheet.md