Testing Session Timeout
OWASP Web Security Testing Guide 4.2 > 6. Session Management Testing > 6.7. Testing Session Timeout
ID | Link to Hackinglife | Link to OWASP | Description |
---|---|---|---|
6.7 | WSTG-SESS-07 | Testing Session Timeout | - Validate that a hard session timeout exists, after the timeout has passed, all session tokens should be destroyed or be unusable. |