Checklist
OWASP session management checklist
A checklist based on the OWASP Session Management Cheat Sheet. Use this when reviewing how sessions, cookies, and tokens are issued, transmitted, and revoked.
https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html- 34 items
- 7 sections
- Reusable template
Your progress
0 of 34 items complete
0%
complete
Saved in your browser. Sign in to Checksy to share progress with your team.
Session token generation
Cookie attributes
Session lifetime
Session termination
Cross-site request protection
Token-based sessions (JWT, opaque)
Transport and storage
Run this checklist for real
Save your progress, share with your team, and turn this into a reusable template. This helps you track how you improve over time.