[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [WEB SECURITY] IP address change: relogin

From: "Martin O'Neal" <martin.oneal@xxxxxxxxxxxx>
Subject: RE: [WEB SECURITY] IP address change: relogin
Date: Thu, 31 Jul 2008 17:24:09 +0100

> Make it simple...force users to enter 
> passwords PLUS implement verifications 
> of unique tokens generated with every 
> request (encrypted tokens), whenever 
> users (authenticated or otherwise) 
> make a HTTP request that may reveal 
> any sensitive information etc. 

Sounds interesting; what unique tokens are these?

Martin...

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA

References:
- Re: [WEB SECURITY] IP address change: relogin
  - From: Jason Muskat
- Re: [WEB SECURITY] IP address change: relogin
  - From: Esam Gharish

Prev by Date: Re: [WEB SECURITY] IP address change: relogin
Next by Date: Re: [WEB SECURITY] IP address change: relogin
Previous by thread: Re: [WEB SECURITY] IP address change: relogin
Next by thread: Re: [WEB SECURITY] IP address change: relogin
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site