Grammar fix on README.md
poisa authored Jul 10, 2017
1 parent 842dc7b commit 6813f90
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -11,7 +11,7 @@ Checklist of the most important security countermeasures when designing, testing
### JWT (JSON Web Token)
- [ ] Use random complicated key (`JWT Secret`) to make brute forcing token very hard.
- [ ] Don't extract the algorithm from the payload. Force algorithm in the backend (`HS256` or `RS256`).
- [ ] Make token expiration (`TTL`, `RTTL`) short as possible.
- [ ] Make token expiration (`TTL`, `RTTL`) as short as possible.
- [ ] Don't store sensitive data in the JWT payload, it can be decoded [easily](https://jwt.io/#debugger-io).

### OAuth
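
Review bot: The unchanged context lines of this hunk carry the same kind of grammar slip the commit fixes, so one pass could cover them too. In the first JWT item, "Use random complicated key" is missing an article ("Use a random, complicated key") and "brute forcing token" reads better as "brute forcing the token". In the last JWT item, the comma splice "payload, it can be decoded" would be cleaner joined with "because" or a semicolon. Separately, `TTL` and `RTTL` in the changed line are not expanded anywhere in the visible lines; spelling out `RTTL` on first use would help readers who do not know the abbreviation.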

0 comments on commit 6813f90
