Stealth Authentication: Preventing Information Leaks in Web Application Security - APPSEC CA 2017

OWASP Foundation via YouTube

YouTube videos curated by Class Central.

Classroom Contents

  1. Intro
  2. Facts and Figures about Airlock & Ergon
  3. OWASP Top 10
  4. Upfront Web Application Security
  5. Upfront Authentication
  6. Strong Authentication Examples: OTP
  7. Strong Authentication Examples: C/R
  8. Trivial: Feedback Messages
  9. Trivial Remedy: Generic Feedback Message
  10. How About 2-Factor Authentication?
  11. Requirements
  12. Step 1: Simulate 2nd Factor with OTP
  13. Step 1: Simulate 2nd Factor with MTAN
  14. Account Locked Information
  15. Simulate for unknown users
  16. Step 3: Unknown users with different 2nd factors
  17. What we implemented
  18. Some Implementation Details
  19. Configuration
  20. Usability Considerations
  21. Prevent other hidden channels
  22. Conclusion
