You're developing a web application that handles sensitive user data. How would you design a secure authentication system to protect user accounts from unauthorized access?
- Implement multi-factor authentication (MFA) using a combination of password, OTP, and biometric verification.
- Use the HTTPS protocol for secure data transmission and storage, and encrypt user passwords using a strong hashing algorithm such as bcrypt.
- Implement session management techniques like expiring sessions after a certain period of inactivity, and use secure cookies with HttpOnly and Secure flags.
- Utilize OAuth or OpenID Connect for third-party authentication, and regularly audit and update security protocols.
Option 2 provides essential measures for securing user authentication, including HTTPS for data encryption, strong password hashing, and session management practices. Multi-factor authentication (MFA) adds an extra layer of security but is not explicitly mentioned in Option 2. OAuth and OpenID Connect are more related to third-party authentication methods, not the core design of a secure authentication system.