developer guidance application security

All Pages that Use Authentication Have Logout Links

By Serge Truth   |  September 27, 2011
READ NOW
Read Post

 Tags: developer guidance application security

Log OutWhat to Check For

Verify that all pages that use authentication have logout links.

Why

Placing a logout link on every page that requires authentication helps the user end the session when he is done with the site. Ending the session helps prevent hijacking.

How to Check

To verify that all pages that use authentication have logout links:

  1. Identify all pages that use authentication. Make a list of all pages on your site that use authentication.

  2. Verify the presence of logout links. Examine each page that uses authentication to make sure it has a logout link in a location that can be found intuitively.

How to Fix

To place a logout link on each page that uses authentication:

  1. Identify all pages that use authentication. Make a list of all pages on your site that use authentication.

  2. Add logout links. Add a logout link to each page that uses authentication.
Security Innovation

Quick Links

Services

Solutions

Resources

About

Contact Us

Contact Us

Phone: (877) 839-7598

Copyright © 2024 Security Innovation, Inc. All Rights Reserved


Privacy Policy