Skip to content

Commit

Permalink
check recommendation in security doc
Browse files Browse the repository at this point in the history
  • Loading branch information
@SammySteiner
SammySteiner committed Jun 28, 2024
1 parent d09e36f commit 8238606
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion docs/app-rails/application-security.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ There is currently no file upload or download functionality at this time, so ple
- [x] Use a secondary verification when users change their password
- Note: Change password requires 6 digit code from email sent to user's email address.
- [ ] Require user's password when changing email.
- [ ] Include honeypot fields and logic on Non logged in forms to catch bots that spam all fields (good resource: https://nedbatchelder.com/text/stopbots.html).
- [x] Include honeypot fields and logic on Non logged in forms to catch bots that spam all fields (good resource: https://nedbatchelder.com/text/stopbots.html).
- [ ] Consider using Captcha on account creation, login, change password, and change email forms.
- Note: Captchas are often not accessible to screen readers and their use should be part of a UX discussion.
- [x] Filter log entries so they do not include passwords or secrets
Expand Down

0 comments on commit 8238606

Please sign in to comment.