I'm bad at english any word correction welcome
I never build a well-known app that maybe get some DDOS attack or XSS. This is why I'm asking this kind of question to folks here 😄 I never feels secure about my app.
Lest talk this on web platform, but I welcome any 'safe' opinion around other platform.
For simplicity lets build Login and Register app only, nothing special.
I'll consider that app safe when I do this:
- Hash password
- Using HTTPS
- Using JWT for auth and store that on localStorage/or cookies
- Sanitize my input
That's it from me. Whats yours? Do you had any tips for me? 😃