Learn the fundamentals of verifying user authenticity, best practices for managing passwords and user logins, and how to prevent unauthorized access to web pages and actions.
Syllabus
Introduction
- Best practices for user authentication and access control
- The importance of authentication
- Authentication factors
- Credentials
- Multi-factor authentication
- Pitfalls of multi-factor authentication
- Biometric authentication
- Encryption and hashing
- Brute force attacks
- Speed and throttling
- Dictionary attacks
- Salted passwords
- Strong passwords
- Password requirements
- Password theft and reuse
- Password managers
- Handle forgotten passwords
- Use HTTPS and TLS
- Insecure references
- Regulate access privileges
- Cookies and sessions
- Deny lists and geofilters
- Single sign-on services
- Deactivate user access
- Next steps
Taught by
Kevin Skoglund