I've seen plenty of questions dealing with beta testing, marketing, market research and so on.
My question is which practical quality assurance and security steps should a web app or service make sure they have ready when launching to real people?
- double-checking against SQL injections
- user password recovery
- double checking file & folder permissions
- 404 pages
Even in a private beta, what things should absolutely be a part of a launch?