re: What are your default 'safe' meaning in software security?


I might consider including two-factor authentication that sends the user a challenge by email or SMS to enter when registering, confirming their identity.

JWT-wise, I might reduce the token duration to a fixed duration and check for expired tokens, with the option to refresh using an unexpired token.

Besides that, I might consider just using Auth0 or Okta technology to implement the following features.
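The JWT policy described in the comment above (fixed lifetime, reject expired tokens, refresh only from a still-valid token), as an added example that is not part of the original comment. It hand-rolls HS256 with the standard library so it runs offline; the secret and subject names are constructed for the demo, and a real service would keep the key in a secret store and pin the algorithm exactly as done here.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

SECRET = b"constructed-demo-secret"  # constructed; load from a secret store in practice
ACCESS_TTL = 900                      # fixed lifetime: 15 minutes

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def issue_token(subject: str, now: int, ttl: int = ACCESS_TTL) -> str:
    """Mint an HS256 JWT whose exp is always iat + fixed ttl."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps({"sub": subject, "iat": now, "exp": now + ttl}, separators=(",", ":")).encode())
    sig = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"

def verify_token(token: str, now: int) -> Optional[dict]:
    """Return the claims if the signature is valid and exp is in the future, else None."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        if header.get("alg") != "HS256":  # pin the algorithm; never let the token choose it
            return None
        expected = hmac.new(SECRET, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
            return None
        claims = json.loads(_b64url_decode(payload_b64))
    except ValueError:  # covers bad base64, bad JSON, wrong segment count
        return None
    exp = claims.get("exp")
    if not isinstance(exp, int) or now >= exp:  # missing or expired exp is rejected
        return None
    return claims

def refresh_token(token: str, now: int) -> Optional[str]:
    """Exchange a still-valid token for a fresh one; an expired token cannot be refreshed."""
    claims = verify_token(token, now)
    if claims is None:
        return None
    return issue_token(claims["sub"], now)

if __name__ == "__main__":
    tok = issue_token("alice", int(time.time()))
    print(verify_token(tok, int(time.time())))
```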
