The headlines are filled with credential breaches. One way to avoid being those headlines is to not store credentials. Instead, use a 3rd party to authenticate your users. While this cuts a lot of work out of your development time, it is important to understand the pros and cons to each method. James talks through some of these risks to help better understand which method might be right for you.
Links from show:
Ep. 92: 2-Factor Authentication – http://podcast.developsec.com/ep-92-2-factor-authentication
Ep. 61: Multi-factor Authentication – http://podcast.developsec.com/ep-61-multi-factor-authentication
Ep. 39: Authentication – http://podcast.developsec.com/ep-39-authentication
Ep. 2: All About Passwords – http://podcast.developsec.com/ep-1-all-about-passwords
Ep. 73: Identity with Vittorio Bertocci – http://podcast.developsec.com/ep-73-identity-with-vittorio-bertocci
For more info go to https://www.developsec.com or follow us on twitter (@developsec).
DevelopSec provides application security consulting and training to add value to your application security program. Contact us today to see how we can help.