Google Cloud Platform Blog: 12 best practices for user account, authorization and password management


75 bookmarks. First posted by boomer44 24 days ago.


Great summary of how to build a good login system
password  Security  authentication 
11 days ago by traggett
Google article on account management, authorization and password management.
security  WebServer  webDev  WebDesign  Login  passwords  Account 
13 days ago by lost_in_space
SMS による 2FA は NIST では推奨されないのか。
authentication  google  security 
14 days ago by summerwind
"Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough attention. For product managers and customers, the resulting experience often falls short of expectations."
authentication  google  password  security  2fa 
14 days ago by garrettc
Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough attention. For product managers and customers, the resulting experience often falls short of expectations. via Pocket
read  pocket 
14 days ago by tricca
Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough…
from instapaper
15 days ago by indirect
12 best practices for user account, authorization and password management
from twitter
16 days ago by jpmayo
Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough attention. For product managers and customers, the resulting experience often falls short of expectations.
authentication  authorization  google  password  security  best_practice  analysis  development  startup 
16 days ago by danesparza
Google Cloud Platform Blog
google  authentication  password  security  bestpractice 
17 days ago by mirthe
Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough…
from instapaper
17 days ago by iany
Google Cloud Platform Blog
google  security 
18 days ago by _CB
NIST has recently updated guidelines on password complexity and strength. Since you are (or will be very soon) using a strong cryptographic hash for password storage, a lot of problems are solved for you. Hashes will always produce a fixed-length output no matter the input length, so your users should be able to use passwords as long as they like. If you must cap password length, only do so based on the maximum POST size allowable by your servers. This is commonly well above 1MB. Seriously.
security  howto  blog 
18 days ago by janpeuker
12 best practices for user account, authorization and password management
from twitter
18 days ago by hopeless
"12 best practices for user account, and management"
password  authorization  from twitter_favs
18 days ago by kinlane
By Ian Maddox, GCP Solutions Architect Account management, authorization and password management can be tricky. For many developers, accou...
security  bestpractices  password  automation  guide  styleguide 
18 days ago by michaelfox
Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough attention. For product managers and customers, the resulting experience often falls short of expectations.
Fortunately, Google Cloud Platform (GCP) brings several tools to help you make good decisions around the creation, secure handling and authentication of user accounts (in this context, anyone who identifies themselves to your system — customers or internal users). Whether you're responsible for a website hosted in Google Kubernetes Engine, an API on Apigee, an app using Firebase or other service with authenticated users, this post will lay out the best practices to ensure you have a safe, scalable, usable account authentication system.
google  webdev  Security  authentication 
18 days ago by euler
not really specific to services built on GCP, but worth reading what Google is recommending to developers
security  identity  software-as-a-service  google 
21 days ago by absfac
12 Tipps, wie man mit Passwörtern, Authentifizierung bei Google Cloud richtig umgeht
from twitter
23 days ago by grzbielok
Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough attention. For product managers and customers, the resulting experience often falls short of expectations.
ifttt  tfav  twitter  getpocket 
23 days ago by linkt