In 2013 over 34 million Americans reported some form of identity theft. Three quarters of the way through 2014, there have already been 568 reported data breaches, with over 75 million records compromised and hundreds of millions of users affected. This is up from the 439 breaches in 2013. Identity theft isn’t a possibility; it’s a reality that is happening all the time, and it is at the core of the 2nd of OWASP’s top 10 most critical web security risks of 2013: Broken Authentication and Session Management.
Here we'll examine what broken authentication and session management looks like, and how to implement some common website features correctly.
http://lockmedown.com/broken-authentication-and-session-management/