Recommended

• Perform input validation.
• Make secure options default. Whenever possible, you should make security decisions for your users. Look for ways to shift the effort of security decisions away from users.
• Give the users only the level of access they need.
• Error recovery. Make sure that there is a secure way for the user to recover from an error, e.g. "Password recovery" option.
• Keep it simple. In many cases, a simpler interface is more secure, because the user is less likely to ignore security features and less likely to make mistakes.
• Secure all interfaces: if you have a graphical and a command-line interface for the same functionality consider securing both.