开放Web软体安全项目(Open Web Application Security Project)
The default MVC template that Visual Studio gives you does not make best use of the tools available. It’s insecure, slow, and really has a very basic feature list (That’s the point of it). ASP.NET MVC Boilerplate provides you with a few more pieces of the puzzle to get you started quicker. It makes liberal use of comments and even gives you a checklist of tasks which you need to perform to make it even better.
用户账户系统安全Salted Password Hashing - Doing it Right：https://crackstation.net/hashing-security.htm