Completed
Account Locked Information
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Stealth Authentication: Preventing Information Leaks in Web Application Security - APPSEC CA 2017
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Facts and Figures about Airlock & Ergon
- 3 OWASP Top 10
- 4 Upfront Web Application Security
- 5 Upfront Authentication
- 6 Strong Authentication Examples: OTP
- 7 Strong Authentication Examples: C/R
- 8 Trivial: Feedback Messages
- 9 Trivial Remedy: Generic Feedback Message
- 10 How About 2-Factor Authentication?
- 11 Requirements
- 12 Step 1: Simulate 2nd Factor with OTP
- 13 Step 1: Simulate 2nd Factor with MTAN
- 14 Account Locked Information
- 15 Simulate for unknown users
- 16 Step 3: Unknown users with different 2nd factors
- 17 What we implemented
- 18 Some Implementation Details
- 19 Configuration
- 20 Usability Considerations
- 21 Prevent other hidden channels
- 22 Conclusion