When password protecting your application with Caspio authentication, the following best practices can be used as a checklist to ensure important safeguards are considered.
1. Username field should be unique
This is now enforced by Caspio when creating a new application, but your old apps may or may not be following this rule depending on how they were designed. Basically, the field designated as username must be set to be unique in Table Design.
2. Encrypt passwords
This is an option left to application owner, but we highly recommend encrypting password fields. This is done in Table Design by selecting Password as data type of the field. The data in encrypted password fields is never visible through any app interface or Caspio table. If a user needs to change their password, new data can be entered through a Password Recovery DataPage.
3. Password length and strength
In your form, require a minimum length for password that meets your standards. Many experts recommend requiring at least eight characters and including numbers and special characters. Enforcing strong passwords is a planned as a future option in Caspio, however at this time you can achieve this with a custom script.
4. Encourage regular password change
Prompt your users to change their password every 3 months and encourage them not to use old passwords. One way to prompt your users is to send an email which links to a Password Recovery DataPage.
5. Add CAPTCHA to login forms
To prevent brute force hacking, consider adding CAPTCHA to login forms. This can be done in the Authentication wizard when Advanced is selected on the first screen. Alternatively, you can ask for a two part authentication process, such as password and a security question.
Do you have any other tips for securing your Caspio apps? Share it with other users.
- - How to Create a Database from Excel (Part 1: Import Spreadsheet)
- - Announcing Caspio Global Sites for Better Performance and Compliance
- - Form To Excel – Three ways to get web form data into Excel
- - Need Structured Data in Your CMS? Embed Caspio’s Cloud Database
- - Convert Microsoft Excel to a Web Database
TagsAmazon app templates awards BYOD Caspio Cloud Cloud Apps cloud computing cloud database community customers database reports data sets election Excel extensions facebook government how-to iPad iPhone Map Mashup media mobile mobile apps MS Access MS Excel News non-profit online database paas plugins ready-made applications ready-to-publish database roadmap searchable database search applications security Services usability web applications web apps web design web forms widgets