Passwords and Authentication

Get Started. It's Free
or sign up with your email address
Passwords and Authentication by Mind Map: Passwords and Authentication

1. APPLE

1.1. Developer Security

1.1.1. Authorization and Authentication Password AutoFill Overview

1.1.2. Authorization and Authentication Password AutoFill Enable Password AutoFill

1.1.3. Authorization and Authentication Password AutoFill Support Third-Party Web Services

1.1.4. Authorization and Authentication Password AutoFill Integrate a Password Management App with Password AutoFill

1.1.5. Authorization and Authentication Shared Web Credentials Overview

1.1.6. Authorization and Authentication Authorization Services Overview

1.1.7. Authorization and Authentication Authorization Plug-ins Overview

2. Open Web Application Security Project (OWASP)

2.1. Mobile Application Security Verification Standard (MASVS)

2.1.1. 2.7 MSTG-STORAGE-7

2.1.2. 2.11 MSTG-STORAGE-11

2.1.3. 4.1 MSTG-AUTH-1

2.1.4. 4.2 MSTG-AUTH-2

2.1.5. 4.3 MSTG-AUTH-3

2.1.6. 4.5 MSTG-AUTH-5

2.1.7. 4.6 MSTG-AUTH-6

2.1.8. 4.8 MSTG-AUTH-8

2.1.9. 4.9 MSTG-AUTH-9

2.1.10. 4.10 MSTG-AUTH-10

2.2. Application Security Verification Standard 4.0.3 (ASVS)

2.2.1. V1.2 Authentication Architecture

2.2.2. V1.4 Access Control Architecture

2.2.3. V1.6 Cryptographic Architecture

2.2.4. V2.1 Password Security

2.2.5. V2.2 General Authenticator Security

2.2.6. V2.3 Authenticator Lifecycle

2.2.7. V2.5 Credential Recovery

2.2.8. V2.7 Out of Band Verifier

2.2.9. V2.8 One Time Verifier

2.2.10. V2.10 Service Authentication

2.2.11. V3.5 Token-based Session Management

2.2.12. V3.6 Federated Re-authentication

2.2.13. V3.7 Defenses Against Session Management Exploits

2.2.14. V4.3 Other Access Control Considerations

2.2.15. V14.5 HTTP Request Header Validation

3. GOOGLE

3.1. Core app quality

3.1.1. SC-ID1

3.1.2. SC-ID2

3.1.3. SC-ID3

3.2. App Security Best Practices

3.2.1. Enforce secure communication Ask for credentials before showing sensitive information

4. UK National Cyber Security Centre (NCSC)

4.1. Application development Recommendations

4.1.1. Android application development 1.3 Secure application development Server-side controls

4.1.2. Secure iOS application development 1.3 Secure application development recommendations Server side controls

4.1.3. Secure Windows application development 1.3 Authentication

4.1.4. Secure Windows application development 1.5 Server-side controls

5. ioXt Alliance

5.1. Mobile Application Profile

5.1.1. 4.4. No Universal Password UP1

5.1.2. 4.4. No Universal Password UP103

5.1.3. 4.4. No Universal Password UP104

5.1.4. 4.4. No Universal Password UP105

5.1.5. 4.4. No Universal Password UP2.1

5.1.6. 4.4. No Universal Password UP2.2

5.1.7. 4.4. No Universal Password UP107

6. National Information Assurance Partnership (NIAP)

6.1. Requirements for Vetting Mobile Apps from the Protection Profile for Application Software

6.1.1. Secure by Default Configuration FMT_CFG_EXT.1.1

7. US National Institute of Standards and Technology (NIST)

7.1. NIST Special Publication 800-190

7.1.1. 4.2.3 Insufficient authentication and authorization restrictions

7.1.2. 4.3.2 Unauthorized access