© The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature 2022
M. Baker, Secure Web Application Development, https://doi.org/10.1007/978-1-4842-8596-1_9

9. Password Management

Matthew Baker, Kaisten, Aargau, Switzerland

In this chapter, we will look at the storage and management of passwords, both for our users and for accessing services like databases.

Passwords are often the weakest link in web application security. This is because they rely on humans to be secure. We have two types of attack to consider:
  1. Cracking a password
  2. Getting the password from a user

Password management is as much a responsibility of the user as it is of us as developers. We have little control over our users. However, we can limit the likelihood ...
