
Security the Basics

Lesson 20: Authentication – Loose ends

The security of any system is determined by its weakest parts. Hackers are creative and will try unexpected things. It is impossible to create a single library that can do everything. 

Therefore, it is recommended that developers do what they can outside the scope of the existing library to secure their applications. For example, it is recommended to use a captcha, or something similar, when users can register on a web application without a specific invitation.

Rate limiting is recommended for login attempts. This isn’t currently available in DataFlex, but there are external tools, such as a web application firewall, that can be used.

Recovery wasn’t discussed in this series, but it is important when users lose their passcode or second factor key.

Encryption key storage, though not thoroughly discussed, is extremely important; the key must be stored in a secure place, and not with the encrypted data.

To keep up with ever-changing security needs, it is important to stay up-to-date with the latest version of DataFlex and the security library, so that the application benefits from recent developments.