Authentication plays a critical role in the security of any web site with sensitive or confidential information. Table 4-2 summarizes the authentication methods we have discussed in this chapter.
Web sites have different requirements, and no one method is best for authentication. However, using these basic security design principles can thwart many of the attacks described in this chapter:
- A strong password policy and account lockout policy will render most attacks based on password guessing useless.
- Don't use personally identifiable information for credentials! They aren't really secret, and they expose your business to liability if you store them.
- HTTPS should be used to protect authentication transactions from the risk of eavesdropping and replay attacks.
- Input validation goes a long way in preventing attacks on a web site. SQL injection, script injection, and command execution can all be prevented if input validation is performed.
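The first and last of these principles are easy to state and easy to get subtly wrong. The following is an added illustration (not code from the book) of a minimal login handler that enforces a password policy, locks an account after repeated failures, validates the username before it ever reaches a data store, and compares password hashes in constant time so the response does not leak whether a username exists. The threshold values, the username pattern, and the `Authenticator` class are assumptions chosen for the example; real policy values belong in your own configuration.

```python
import hashlib
import hmac
import os
import re
import time

MAX_FAILURES = 5          # assumed policy: lock after 5 consecutive failures
LOCKOUT_SECONDS = 900     # assumed policy: 15 minute lockout
USERNAME_RE = re.compile(r"^[A-Za-z0-9_.-]{3,32}$")   # assumed allow-list for usernames
DUMMY_SALT = b"\x00" * 16   # used to burn the same hashing cost for unknown users


def password_meets_policy(pw):
    """Assumed policy: at least 12 characters and three of four character classes."""
    if len(pw) < 12:
        return False
    classes = [
        any(c.islower() for c in pw),
        any(c.isupper() for c in pw),
        any(c.isdigit() for c in pw),
        any(not c.isalnum() for c in pw),
    ]
    return sum(classes) >= 3


def hash_password(pw, salt=None):
    """Salted scrypt hash; returns (salt, digest) so the salt can be stored beside the digest."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.scrypt(pw.encode(), salt=salt, n=2 ** 14, r=8, p=1)
    return salt, digest


class Authenticator:
    """In-memory user store with account lockout. `clock` is injectable for testing."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.users = {}      # username -> (salt, digest)
        self.failures = {}   # username -> (consecutive_failures, locked_until)

    def register(self, username, password):
        # Validate input against an allow-list before it touches any storage or query layer.
        if not USERNAME_RE.fullmatch(username):
            raise ValueError("invalid username")
        if not password_meets_policy(password):
            raise ValueError("password does not meet policy")
        self.users[username] = hash_password(password)

    def login(self, username, password):
        """Returns 'ok', 'locked', or 'denied'."""
        now = self.clock()
        count, locked_until = self.failures.get(username, (0, 0.0))
        if now < locked_until:
            return "locked"
        record = self.users.get(username)
        if record is None:
            # Unknown user: do the same expensive work so timing does not reveal valid usernames.
            hash_password(password, DUMMY_SALT)
            ok = False
        else:
            salt, digest = record
            ok = hmac.compare_digest(hash_password(password, salt)[1], digest)
        if ok:
            self.failures.pop(username, None)
            return "ok"
        count += 1
        if count >= MAX_FAILURES:
            # Lock the account and reset the counter; the lock is what blocks further guesses.
            self.failures[username] = (0, now + LOCKOUT_SECONDS)
        else:
            self.failures[username] = (count, locked_until)
        return "denied"
```

The lockout is keyed by username rather than by source address, which is what defeats distributed password guessing against a single account; pair it with rate limiting per source to limit the denial-of-service an attacker can cause by deliberately locking accounts.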
Authentication Method | Security Level | Server Requirements | Client Requirements | Comments
---|---|---|---|---
Basic | Low | Valid accounts on server | Supported by most popular browsers | Transmits password in cleartext
Digest | Medium | Valid accounts with cleartext password available | Supported by most popular browsers | Usable across proxy servers and firewalls
PassMark/SiteKey | High | Custom software integration | Browser and devices must be registered for 2-factor authentication | New in 2005; offers server authentication to mitigate phishing
One-time Password | High | Custom software integration | Requires outboard device | Client devices and distribution costs
Integrated Windows | High | Valid Windows accounts | Supported by most popular browsers (may need add-on) | Becoming more popular due to browser support
Certificate | High | Server certificate issued by same authority as client certs | SSL support, client-side certificate installed | Certificate distribution can be an issue at scale
- Ensure that authorization security tokens like session identifiers aren't easily predictable, and that they are generated from a sufficiently large key space that they can't easily be guessed.
- Don't forget to harden identity management systems like account registration and credential reset, as weaknesses in these systems can bypass authentication controls altogether.
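The last two points, unpredictable session identifiers and a hardened credential-reset flow, are illustrated together in the following added example (not code from the book). It shows a toy session-id scheme built from a counter and the clock beside one drawn from the operating system's CSPRNG, a helper that computes the size of a token's key space in bits, and a reset-token store that keeps only a hash of each token, expires it, and accepts it exactly once. The 128-bit session-id size, the 15 minute reset lifetime, and the `ResetTokenStore` class are assumptions for the example.

```python
import hashlib
import math
import secrets
import time

SESSION_ID_BYTES = 16    # assumed policy: 128 bits of entropy per session id
RESET_TOKEN_TTL = 900    # assumed policy: reset links expire after 15 minutes


def keyspace_bits(alphabet_size, length):
    """Bits of entropy a token carries if each of `length` symbols is drawn uniformly from `alphabet_size`."""
    return length * math.log2(alphabet_size)


def weak_session_id(counter, now):
    """Anti-pattern (constructed for illustration): counter plus timestamp, so one observed id reveals its neighbours."""
    return f"{counter:08d}{int(now):010d}"


def predict_next_weak(prev_id):
    """Shows why the weak scheme fails: the next id in the same second is a pure function of the previous one."""
    counter = int(prev_id[:8]) + 1
    return f"{counter:08d}{prev_id[8:]}"


def strong_session_id():
    """128 random bits from the OS CSPRNG, hex encoded; no relationship between consecutive ids."""
    return secrets.token_hex(SESSION_ID_BYTES)


class ResetTokenStore:
    """Single-use, expiring credential-reset tokens. Only a SHA-256 of the token is stored,
    so a leaked table does not let anyone redeem outstanding resets. `clock` is injectable for testing."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.pending = {}   # sha256(token) -> (username, expires_at)

    @staticmethod
    def _key(token):
        return hashlib.sha256(token.encode()).digest()

    def issue(self, username):
        token = secrets.token_urlsafe(32)   # 256 bits of entropy in the emailed link
        self.pending[self._key(token)] = (username, self.clock() + RESET_TOKEN_TTL)
        return token

    def redeem(self, token):
        """Returns the username the token was issued for, or None if unknown, used, or expired."""
        entry = self.pending.pop(self._key(token), None)   # pop makes the token single use
        if entry is None:
            return None
        username, expires_at = entry
        if self.clock() > expires_at:
            return None
        return username
```

The counter-based scheme has a key space that looks large on paper (18 decimal digits) but an attacker who holds one valid id needs only a handful of guesses; what matters is the entropy an attacker cannot observe, not the printed length. Storing the reset token hashed also means the server never needs to compare raw tokens, so the lookup is a dictionary hit on a value the attacker cannot influence.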