Application Security Guidance - User and Password Management

Keeping the theme from last post, let us dig into how system designers can take advantage of simple technology agnostic and common security best practices to design a sound user and password management subsystem for their critical IT applications.

 

 

.

The above guidance is not comprehensive but attempts to outline the best practices to achieve functional requirements of a user and password management subsystem.

Ashish Popli, Sr. Security Consultant, Microsoft ACE Services.