R358. Notify upcoming expiration dates

Requirement

The system must notify the users when their credentials are about to expire.

References

  1. CWE-263: Password Aging with Long Expiration. Allowing password aging to occur unchecked can result in the possibility of diminished password integrity.

  2. OWASP-ASVS v4.0.1 V2.3 Authenticator Lifecycle Requirements.(2.3.3) Verify that renewal instructions are sent with sufficient time to renew time bound authenticators.

Copyright © 2020 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy