Web Security: User Authentication and Access Control

Web Security: User Authentication and Access Control
Web Security: User Authentication and Access Control
English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 1h 25m | 166 MB

User authentication plays a central role in almost everything we do online. From apps to hardware and websites, user accounts and logins are everywhere. Authentication is critical for verifying a user’s identity online and for confirming permissions so individuals can perform privileged actions. In this course, instructor Kevin Skoglund teaches you how authentication works, how to implement it correctly when building web applications, walks you through some of the most common attacks, and shows you how to protect your site. He also demonstrates how to secure your own passwords and digital identity so you can work securely. This course is ideal for all developers, particularly those who are interested in authentication and security.

Topics include:

  • Verifying identity and access privileges
  • Authentication factors
  • Multi-factor authentication
  • Requirements for strong passwords
  • The dangers of password reuse
  • Encryption and hashing
  • Brute force and dictionary attacks
  • Salting passwords
  • Handling forgotten passwords
  • Insecure direct object references
Table of Contents

1 Best practices for user authentication and access control
2 The importance of authentication
3 Authentication factors
4 Credentials
5 Multi-factor authentication
6 Pitfalls of multi-factor authentication
7 Biometric authentication
8 Encryption and hashing
9 Brute force attacks
10 Speed and throttling
11 Dictionary attacks
12 Salted passwords
13 Strong passwords
14 Password requirements
15 Password theft and reuse
16 Password managers
17 Handle forgotten passwords
18 Use HTTPS and TLS
19 Insecure references
20 Regulate access privileges
21 Cookies and sessions
22 Deny lists and geofilters
23 Single sign-on services
24 Deactivate user access
25 Next steps