How it works...
Authentication mechanisms in web applications are very often reduced to a username/password login page. Although not the most secure option, it is the easiest for users and developers; when dealing with passwords, their most important aspect is their strength.
As we have seen throughout this book, the strength of a password is given by how hard it is to break, be it by brute force, dictionary, or guessing. The first tips in this recipe are meant to make passwords harder to brute-force by establishing a minimum length, and using mixed character sets harder to guess by eliminating the more intuitive choices (username, most common passwords, and company name), and harder to break if leaked by using strong hashing or encryption ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access