Join Kevin Skoglund for an in-depth discussion in this video Password requirements, part of Foundations of Programming: Web Security.
- View Offline
Once you're handling passwords in a secure way,…it's important to also think about…the password requirements that you have for your users.…In this movie, I'll give you a couple of guidelines.…First, you'll want to require a certain length,…but do not limit the total length of the password.…We'll talk more about length…when we talk about Brut Force Attacks.…But longer passwords are significantly stronger.…A ten-character password,…is much more secure than an eight-character one.…And if that's the case,…then why would you limit their length?…Let the password be as strong as possible.…
When you apply a hashing algorithm,…the encrypted strings that result…are always of the same length,…whether you hash one character…or one hundred characters.…Hashing algorithms might generate a thirty character string,…a forty character string, or something else, as a result.…But it will always be the same,…so the length doesn't matter…in the password that you end up storing, anyway.…It's also a good policy to require…non-alpha numeric characters.…
This course is great for developers who want to secure their client's websites, and for anyone else who wants to learn more about web security.
- Why security matters
- What is a hacker?
- How to write a security policy
- Cross-site scripting (XSS)
- Cross-site request forgery (CSRF)
- SQL injection
- Session hijacking and fixation
- Passwords and encryption
- Secure credit card payments
Skill Level Beginner
1. Security Overview
2. General Security Principles
3. Filtering Input, Controlling Output
4. The Most Common Attacks
5. Encryption and User Authentication
6. Other Areas of Concern
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.