From the course: Developing Secure Software (2015)
Broken authentication and session management
Authentication is one of the most common forms of access control. Session management complements authentication by making the effect of authentication expire over time. Authentication verifies the identity of a supplicant who provides security credentials such as passwords. Authentication and session management often break for reasons such as password cracking, insecure communication channels, insider threats, or social engineering. More importantly, software developers often use their own custom code to implement authentication and session management. Building your own custom authentication and session management scheme is hard and prone to error, eventually leading to security vulnerabilities. Once compromised, broken authentication can allow unrestricted access to the software system's resources, which is extremely dangerous.
Contents
- Setting the stage (34s)
- Buffer overflow attacks (1m 41s)
- Buffer overflow countermeasures (1m 44s)
- Broken authentication and session management (1m 7s)
- Broken authentication and session management countermeasures (2m 1s)
- Insecure direct object references (1m 24s)
- Insecure direct object references countermeasures (52s)
- Sensitive information exposure (1m 6s)
- Sensitive data exposure countermeasures (1m 37s)
- Other secure coding best practices (2m 22s)