Didi era, on the safety awareness of product managers

(2) Validity period of login status

On platforms with sensitive operations, such as Tencent Cloud, developers generally have permissions to add, delete, modify and query the database, and to add, delete, modify and query COS file storage. If the user does not perform any operation within the specified time (such as 1 hour), the login state should be invalidated immediately, and the user needs to log in again for the next operation.
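
A sketch of this idle-expiry rule for login state, with renewal on each operation, as an added example that is not part of the original article. The `SessionStore` class, its method names and the injectable clock are hypothetical; the one-hour window is the figure the text gives as an example.

```python
import secrets
import time

IDLE_TIMEOUT_SECONDS = 60 * 60  # the "1 hour" example value from the text


class SessionStore:
    """Hypothetical in-memory login-state store with sliding idle expiry."""

    def __init__(self, idle_timeout=IDLE_TIMEOUT_SECONDS, clock=time.monotonic):
        self._idle_timeout = idle_timeout
        self._clock = clock      # injectable so expiry can be tested without waiting
        self._sessions = {}      # token -> (user_id, time of last operation)

    def login(self, user_id):
        """Create a login state; credentials are assumed verified elsewhere."""
        token = secrets.token_urlsafe(32)  # unguessable session identifier
        self._sessions[token] = (user_id, self._clock())
        return token

    def touch(self, token):
        """Call on every operation. Returns the user id, or None if re-login is needed."""
        entry = self._sessions.get(token)
        if entry is None:
            return None
        user_id, last_activity = entry
        now = self._clock()
        if now - last_activity >= self._idle_timeout:
            # Idle too long: delete server-side so the token cannot be revived.
            del self._sessions[token]
            return None
        # Operation inside the window: renew, so the window slides forward.
        self._sessions[token] = (user_id, now)
        return user_id


def demo():
    """Constructed scenario driven by a fake clock measured in seconds."""
    now = [0]
    store = SessionStore(clock=lambda: now[0])
    token = store.login("alice")
    now[0] = 50 * 60             # operation after 50 min idle: renewed
    first = store.touch(token)
    now[0] = 100 * 60            # 50 min after the previous operation: still valid
    second = store.touch(token)
    now[0] = 161 * 60            # 61 min idle: login state invalidated
    third = store.touch(token)
    now[0] = 162 * 60            # a later operation does not revive it
    fourth = store.touch(token)
    return first, second, third, fourth
```
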
If the user performs an operation within the specified time, the login status can be renewed and extended.

(3) Frequency limit

It is recommended that the login interface have a frequency limit to prevent brute-force cracking.

2. Strict definition of inputs in the requirements phase

For example, in the registration phase: a mobile phone number can only be registered for one account, the password strength is stipulated, the user name cannot be repeated, the user name cannot contain special characters, etc. These measures can ensure the security of user information to a certain extent.

For another example, consider a box that can execute SQL code to view data: if input verification is not done well, it is very likely that some SQL statements will be maliciously executed, resulting in data loss and change.

3. Key operations