Difference between revisions of "Talk:Guide to Authentication"

From OWASP
Jump to: navigation, search
(New page: "When used in a single factor authentication method (for example, just a thumbprint with no username or password), biometrics are the weakest form of authentication available and are unsui...)
 
(Comment on Threshold Governer section)
 
Line 3: Line 3:
  
 
So I am removing that sentence. There are much worse implementations of single factor authentication.
 
So I am removing that sentence. There are much worse implementations of single factor authentication.
 +
---------------------------------------------
 +
 +
I don't know if this is strictly true:
 +
"    *  Password change**
 +
    * Password resets**
 +
 +
(**Low value systems only - Most medium and all high value systems should not be using passwords, and thus do not possess password reset capabilities) "
 +
 +
Perhaps it should read "Most medium and all high value systems should use more than one factor of authentication and should not rely exclusively on passwords."

Latest revision as of 15:44, 2 December 2009

"When used in a single factor authentication method (for example, just a thumbprint with no username or password), biometrics are the weakest form of authentication available and are unsuitable for even moderate risk applications." Biometrics is still a better single factor auth method than having a username/password based one which doesnt enforce password complexity or account lockout.

So I am removing that sentence. There are much worse implementations of single factor authentication.


I don't know if this is strictly true: " * Password change**

   * Password resets** 

(**Low value systems only - Most medium and all high value systems should not be using passwords, and thus do not possess password reset capabilities) "

Perhaps it should read "Most medium and all high value systems should use more than one factor of authentication and should not rely exclusively on passwords."