When filling out secure forms on banking websites, I always wondered how they know that their application is completely safe. Of course, you know that you are on SSL, your account "should" be secure, and I hope the security issue, account, timeouts, etc. must keep your account safe. But what is the best way to test this? And what determines how "safe" your application is? What if there was an error somewhere in your code, then no matter how many guarantees you have.
Recently, I created a login for a website that will automatically log out a user in 15 minutes, block my account after 3 unsuccessful attempts, contain a secret question and work on SSL. But I need to know what determines the security of the program.
Thanks for any help!
Metropolis
EDIT
Main question: "What is the best way to test PHP security?" Are there any measures that need to be taken to ensure this? Of course it should be.