Google Cloud Platform Blog: 12 best practices for user account, authorization and password management


93 bookmarks. First posted by boomer44 january 2018.


12 best practices for user account, authorization and password management, Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough…, via Instapaper
Instapaper 
11 weeks ago by paulp
关于用户帐号、密码管理的最佳实践
互联网  安全 
12 weeks ago by printempw
Thorough list of things that you need to deal with if you are building an authentication system.
12 weeks ago by thingles
Great summary of how to build a good login system
password  Security  authentication 
february 2018 by traggett
Google article on account management, authorization and password management.
security  WebServer  webDev  WebDesign  Login  passwords  Account 
february 2018 by lost_in_space
SMS による 2FA は NIST では推奨されないのか。
authentication  google  security 
february 2018 by summerwind
"Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough attention. For product managers and customers, the resulting experience often falls short of expectations."
authentication  google  password  security  2fa 
february 2018 by garrettc
Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough attention. For product managers and customers, the resulting experience often falls short of expectations. via Pocket
read  pocket 
february 2018 by tricca
Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough…
from instapaper
february 2018 by indirect
12 best practices for user account, authorization and password management
from twitter
february 2018 by jpmayo
Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough attention. For product managers and customers, the resulting experience often falls short of expectations.
authentication  authorization  google  password  security  best_practice  analysis  development  startup 
february 2018 by danesparza
Google Cloud Platform Blog
google  authentication  password  security  bestpractice 
february 2018 by mirthe
Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough…
from instapaper
february 2018 by iany
Google Cloud Platform Blog
google  security 
february 2018 by _CB
NIST has recently updated guidelines on password complexity and strength. Since you are (or will be very soon) using a strong cryptographic hash for password storage, a lot of problems are solved for you. Hashes will always produce a fixed-length output no matter the input length, so your users should be able to use passwords as long as they like. If you must cap password length, only do so based on the maximum POST size allowable by your servers. This is commonly well above 1MB. Seriously.
security  howto  blog 
february 2018 by janpeuker
12 best practices for user account, authorization and password management
from twitter
february 2018 by hopeless
"12 best practices for user account, and management"
password  authorization  from twitter_favs
february 2018 by kinlane
By Ian Maddox, GCP Solutions Architect Account management, authorization and password management can be tricky. For many developers, accou...
security  bestpractices  password  automation  guide  styleguide 
february 2018 by michaelfox
Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough attention. For product managers and customers, the resulting experience often falls short of expectations.
Fortunately, Google Cloud Platform (GCP) brings several tools to help you make good decisions around the creation, secure handling and authentication of user accounts (in this context, anyone who identifies themselves to your system — customers or internal users). Whether you're responsible for a website hosted in Google Kubernetes Engine, an API on Apigee, an app using Firebase or other service with authenticated users, this post will lay out the best practices to ensure you have a safe, scalable, usable account authentication system.
google  webdev  Security  authentication 
february 2018 by euler