Join Kevin Skoglund for an in-depth discussion in this video Strong passwords, part of Programming Foundations: Web Security.
- Developers must be smart about passwords … in order to protect against credential attacks. … The following advice is good for everyone, … but it's especially important … when passwords are used to administer servers. … You should use long passwords … with at least 12 characters. … 12 is a minimum. … 15 characters or more would be even better. … It's good to use character variety, … upper case, lower case, numbers, and symbols, … but variety is not as important as the length. … A common mistake is to think that a short, complex password … is more secure than a long simple one. … Any eight-character password, … even one with character variety … can be discovered by trial and error … in less than three hours. … A 12-character password using all lowercase letters … would take two weeks, … but if you use both length and variety together, … then a 12-character password would take 9000 years. … You should also avoid patterns and dictionary words. … We already know that hackers try those first. …
- Threat models
- Least privilege
- Defense in depth
- Validating and sanitizing input
- Credential attacks
- SQL injection
- Cross-site scripting
Skill Level Beginner
Web Programming Foundationswith Morten Rand-Hendriksen58m 44s Beginner
Web Security: Same-Origin Policieswith Sasha Vodnik1h 54m Advanced
1. Security Overview
2. General Security Principles
3. Filter Input, Control Output
4. The Most Common Attacks
Next steps2m 26s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.