Pluralsight

Secure Account Management Fundamentals

via Pluralsight

Overview

Secure Account Management Fundamentals is all about exploiting, and then protecting against, security weaknesses in the features we often take for granted in websites today, such as registration, logon, changing account info, and logoff.

A fundamental component of many modern-day applications is the ability to create and manage user accounts. So many of the services we use every day as consumers and build as developers depend on the ability for customers to register, log in, and then perform tasks under their identity. However, every day we see a barrage of attacks against poorly implemented account management facilities. These range from brute-force attacks against the login, to the impersonation of authenticated users, to the cracking of breached passwords. Often, weaknesses in account management facilities are simply due to the developers not having thought through the potential risks from a hacker's mindset. This course demonstrates how attackers think and exploit these weaknesses. There are numerous high-profile precedents, including the celebrity iCloud photo hack, GitHub account attacks and Dropbox credential disclosure. In some of these cases, oversights in secure account management practices left systems unnecessarily vulnerable, whilst in others, good practices undoubtedly mitigated the scale of the damage caused. This course regularly refers to real-world examples – both good and bad – as a means of illustrating risks and the effectiveness of security controls.

Syllabus

  • Introduction (17 mins)
  • Fundamental Security Concepts (26 mins)
  • Password Storage (32 mins)
  • Registration (71 mins)
  • Logon (62 mins)
  • Remember Me (26 mins)
  • Account Details Change (46 mins)
  • Password Reset (50 mins)
  • Logoff (33 mins)
  • Additional Considerations (52 mins)

Taught by

Troy Hunt

Reviews

4.8 rating at Pluralsight based on 214 ratings
