Join Kevin Skoglund for an in-depth discussion in this video Handling forgotten passwords, part of Foundations of Programming: Web Security.
- In this movie I'll provide you with some ideas…on how to handle forgotten passwords.…When a user loses their password,…what we need to establish is…how do we know that the person is…who they say they are?…What proves their identity?…If we can answer that question,…then we know that the person is who they say they are,…then we can grant them access and let them…reset their password to something that they do know.…One way we can do that is we can ask them for…privileged information.…Information that only they should have or know.…For example, on a bank's website,…we might ask a user for their ATM card number…plus their pin code.…
That's the same information they would use…if they walked up to an ATM and wanted to access…their account, so it could be considered a good proxy…for having access to the account in an online environment.…Now privileged information needs to be something…that's unlikely to be lost and found.…Not information that's carried around or written down.…For example, a driver's license number…could be found in a lost wallet.…
This course is great for developers who want to secure their client's websites, and for anyone else who wants to learn more about web security.
- Why security matters
- What is a hacker?
- How to write a security policy
- Cross-site scripting (XSS)
- Cross-site request forgery (CSRF)
- SQL injection
- Session hijacking and fixation
- Passwords and encryption
- Secure credit card payments
Skill Level Beginner
1. Security Overview
2. General Security Principles
3. Filtering Input, Controlling Output
4. The Most Common Attacks
5. Encryption and User Authentication
6. Other Areas of Concern
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.