Due to inadequate security, web account management functions, such as account registration, account login, permissions validation can lead to information leakage, brute force attacks, parallel permissions etc. In this paper, these threats are analyzed and corresponding security development methods are introduced.%由于安全设计不足,账号注册、账号登录、权限验证等WEB账号管理功能往往造成信息泄露、暴力破解、平行权限等威胁。文章针对这些威胁进行了分析并介绍了相应的安全开发思路与方法。
展开▼