February 20, 2013
To maximise the security of your website during the development stage you must be aware that you are only as strong as your weakest link. In the case of software this weakest link is usually the users. As most security conscious companies will be very aware, the main threats to the security of a website come from those with administrator privileges when their login details are compromised, either through weak passwords or infected local machines. To ensure our clients’ websites are protected we normally suggest the following precautions:-
The website itself needs to be secure from other threats such as SQL injection, remote file inclusion and password attacks. To prevent these attacks we normally suggest the following:-
To ensure we practice what we preach, we follow our own advice and keep our PCs and software up to date, and use password managers (such as 1Password) for storing and accessing passwords.