In a Spring Security application, you need to implement a feature where the users' passwords must be rotated every 30 days. How would you approach implementing this feature while maintaining a high level of security?
- Implementing a scheduled task to periodically check and rotate passwords
- Implementing a secure password policy and scheduled password rotation task
- Storing password expiration dates in plaintext in the database
- Using a weak hashing algorithm for password storage
To implement password rotation while maintaining security, you should follow best practices like using a strong hashing algorithm, enforcing a secure password policy, and implementing a scheduled task to rotate passwords. Storing expiration dates in plaintext or using weak hashing would compromise security.