Spotting the Sin Pattern

For this one, the sin pattern is really easy to spot. Is a program using a traditional or handmade password system without some other authentication technique to provide defense in depth? If so, that program is living in sin. It's generally considered an acceptable sin, but you need to go out of your way to make sure that the risks are recognized.

Even if there is multifactor authentication, there can still be some risks any time you're using a password system, such as account lock-out due to failed login attempts. So really, the pattern is having a password system at all!
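The two points above, as an added example that is not from the book: a small login model in which `is_password_only` flags the sin pattern (no second factor enrolled), and a hard lock-out policy shows the residual risk that survives even with a second factor, since anyone who knows the username can freeze the account with wrong guesses. `Account`, `LOCKOUT_THRESHOLD`, the toy HOTP-style `current_otp` and the threshold value are all constructed for this demonstration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Optional

LOCKOUT_THRESHOLD = 5   # constructed policy value: failures before a hard lock-out
PBKDF2_ROUNDS = 50_000

@dataclass
class Account:
    salt: bytes
    pw_hash: bytes
    otp_secret: Optional[bytes] = None   # None means password-only: the sin pattern
    failures: int = 0
    locked: bool = False

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)

def create_account(password: str, second_factor: bool) -> Account:
    salt = os.urandom(16)
    secret = os.urandom(20) if second_factor else None
    return Account(salt, _hash(password, salt), secret)

def is_password_only(acct: Account) -> bool:
    """Spot the sin pattern: a password with no other factor for defense in depth."""
    return acct.otp_secret is None

def current_otp(acct: Account, counter: int) -> str:
    """Toy HOTP-style code from the second-factor secret (demo, not RFC 4226 truncation)."""
    mac = hmac.new(acct.otp_secret, counter.to_bytes(8, "big"), "sha1").digest()
    return f"{int.from_bytes(mac[:4], 'big') % 1_000_000:06d}"

def login(acct: Account, password: str, otp: Optional[str] = None, counter: int = 0) -> str:
    """Return 'ok', 'denied' or 'locked'. Hard lock-out after LOCKOUT_THRESHOLD failures."""
    if acct.locked:
        return "locked"
    ok = hmac.compare_digest(_hash(password, acct.salt), acct.pw_hash)
    if ok and acct.otp_secret is not None:        # second factor required once enrolled
        ok = otp is not None and hmac.compare_digest(otp, current_otp(acct, counter))
    if ok:
        acct.failures = 0
        return "ok"
    acct.failures += 1
    if acct.failures >= LOCKOUT_THRESHOLD:
        acct.locked = True                        # legitimate owner is now shut out too
        return "locked"
    return "denied"

def failures_until_lockout(acct: Account) -> int:
    """Residual risk: wrong guesses needed to freeze the account, knowing no secret at all."""
    n = 1
    while login(acct, "not-the-password") != "locked":
        n += 1
    return n
```

The last assertion-worthy behaviour is that after the lock-out, even the correct password plus a valid one-time code is refused, which is exactly the lock-out risk that multifactor authentication does not remove.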



19 Deadly Sins of Software Security. Programming Flaws and How to Fix Them
Writing Secure Code
ISBN: 71626751
Year: 2003
Pages: 239
