Our security checklist for our system requires the following:
Generating session IDs that are at least 128 bits (16 bytes) in length will cause an attacker to take a large amount of time and resources to guess, reducing the likelihood of an attacker guessing a session ID.
I can see on the "User Sessions" screen that each session is given a session ID that appears to be 7 characters in length, but that is all I can see for the Session ID? Does Jira fit this requirement. Is there a way to make Jira give a longer session ID? Is this something that I can not change and just have to express to my security department that it is what it is?
This morning, Atlassian announced the acquisition of ThinkTilt , the maker of ProForma, a no-code/low code form builder with 700+ customers worldwide. ThinkTilt helps IT empower any team in their or...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events