What are the top 10 Application Security Authentication Requirements? Authentication based on a username and password combination is the most common form of authentication. As the level of security within an application increases, simple usernames and passwords are no longer acceptable, because passwords are often considered pre-breached.
Top 10 Application Security Authentication Requirements
When we start to break down authentication requirements, the list per OWASP Verification Standard 4.0 includes:
- Password Requirements
- General Authenticator Requirements
- Authenticator Lifecycle Requirements
- Credential Storage Requirements
- Credential Recovery Requirements
- Look-up Secret Verifiers
- Out of Band Verifiers
- Single or Multi-Factor One-Time Verifiers
- Cryptographic Software and Devices Verifiers
- Service Authentication
Reference: https://www.nuharborsecurity.com/10-application-security-authentication-requirements/