[Owasp-cincinnati] Session Destroy References

Edward Sumerfield esumerfd at bitbashers.org
Thu Jun 25 17:24:05 EDT 2009

I was looking for a reference to send someone on recommendations on why to
destroy the web session on login and logout. I could only find the "Destroy
Session on Logout" reference in this OWASP document but nothing for the
login process. Did I miss something or is it something we need to add?


Ed Sumerfield
Ed Sumerfield Consulting, LLC
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-cincinnati/attachments/20090625/ffffe3df/attachment.html 

More information about the Owasp-cincinnati mailing list