Passwords and Authentication

1. UK National Cyber Security Centre (NCSC)

1.1. Application development Recommendations

1.1.1. Android application development 1.3 Secure application development Server-side controls

1.1.2. Secure iOS application development 1.3 Secure application development recommendations Server side controls

1.1.3. Secure Windows application development 1.3 Authentication

1.1.4. Secure Windows application development 1.5 Server-side controls

2. GOOGLE

2.1. Core app quality

2.1.1. SC-ID1

2.1.2. SC-ID2

2.1.3. SC-ID3

2.2. App Security Best Practices

2.2.1. Enforce secure communication Ask for credentials before showing sensitive information

3. ioXt Alliance

3.1. Mobile Application Profile

3.1.1. 4.4. No Universal Password UP1

3.1.2. 4.4. No Universal Password UP103

3.1.3. 4.4. No Universal Password UP104

3.1.4. 4.4. No Universal Password UP105

3.1.5. 4.4. No Universal Password UP2.1

3.1.6. 4.4. No Universal Password UP2.2

3.1.7. 4.4. No Universal Password UP107

4. APPLE

4.1. Developer Security

4.1.1. Authorization and Authentication Password AutoFill Overview

4.1.2. Authorization and Authentication Password AutoFill Enable Password AutoFill

4.1.3. Authorization and Authentication Password AutoFill Support Third-Party Web Services

4.1.4. Authorization and Authentication Password AutoFill Integrate a Password Management App with Password AutoFill

4.1.5. Authorization and Authentication Shared Web Credentials Overview

4.1.6. Authorization and Authentication Authorization Services Overview

4.1.7. Authorization and Authentication Authorization Plug-ins Overview

5. Open Web Application Security Project (OWASP)

5.1. Mobile Application Security Verification Standard (MASVS)

5.1.1. 2.7 MSTG-STORAGE-7

5.1.2. 2.11 MSTG-STORAGE-11

5.1.3. 4.1 MSTG-AUTH-1

5.1.4. 4.2 MSTG-AUTH-2

5.1.5. 4.3 MSTG-AUTH-3

5.1.6. 4.5 MSTG-AUTH-5

5.1.7. 4.6 MSTG-AUTH-6

5.1.8. 4.8 MSTG-AUTH-8

5.1.9. 4.9 MSTG-AUTH-9

5.1.10. 4.10 MSTG-AUTH-10

5.2. Application Security Verification Standard 4.0.3 (ASVS)

5.2.1. V1.2 Authentication Architecture

5.2.2. V1.4 Access Control Architecture

5.2.3. V1.6 Cryptographic Architecture

5.2.4. V2.1 Password Security

5.2.5. V2.2 General Authenticator Security

5.2.6. V2.3 Authenticator Lifecycle

5.2.7. V2.5 Credential Recovery

5.2.8. V2.7 Out of Band Verifier

5.2.9. V2.8 One Time Verifier

5.2.10. V2.10 Service Authentication

5.2.11. V3.5 Token-based Session Management

5.2.12. V3.6 Federated Re-authentication

5.2.13. V3.7 Defenses Against Session Management Exploits

5.2.14. V4.3 Other Access Control Considerations

5.2.15. V14.5 HTTP Request Header Validation

6. US National Institute of Standards and Technology (NIST)

6.1. NIST Special Publication 800-190

6.1.1. 4.2.3 Insufficient authentication and authorization restrictions

6.1.2. 4.3.2 Unauthorized access

7. National Information Assurance Partnership (NIAP)

7.1. Requirements for Vetting Mobile Apps from the Protection Profile for Application Software

7.1.1. Secure by Default Configuration FMT_CFG_EXT.1.1