What are the top 10 Application Security Authentication Requirements?

Authentication based on a username and password combination is the most common form of authentication. As the level of security required within an application increases, simple usernames and passwords are no longer acceptable, as passwords are often considered pre-breached.

Top 10 Application Security Authentication Requirements

When we start to break down authentication requirements, the list per OWASP Verification Standard 4.0 includes:

  1. Password Requirements
  2. General Authenticator Requirements
  3. Authenticator Lifecycle Requirements
  4. Credential Storage Requirements
  5. Credential Recovery Requirements
  6. Look-up Secret Verifiers
  7. Out of Band Verifiers
  8. Single or Multi-Factor One-Time Verifiers
  9. Cryptographic Software and Devices Verifiers
  10. Service Authentication

Reference: https://www.nuharborsecurity.com/10-application-security-authentication-requirements/

