ASVS Requirement 7.2.3

• Level: 1
• Chapter: V7 Session Management
• Section: V7.2 Fundamental Session Management Security
• Source: 0x16-V7-Session-Management.md

Description

Verify that if reference tokens are used to represent user sessions, they are unique and generated using a cryptographically secure pseudo-random number generator (CSPRNG) and possess at least 128 bits of entropy.