Application Security, Technology

Abusing Password reset functionality to steal user data (Part–3)

We saw different implementations of a password reset functionality to ensure application security along with their best practices in the first and the second blogs of the series. In this final blog of the series, we will discuss the concept of Multi-Factor Authentication (One Time Passwords i.e. OTP) for the implementation of a reset...

by Nikhit Kumar
Tag: secure coding
17-Nov-2015

Application Security

Abusing Password reset functionality to steal user data (Part – I)

For every developer, implementing a password reset feature is a very interesting part. This is where he develops a logic and then implements it in the code. There is no well-defined industry standard on how to implement a secure password reset functionality in your application. So, the result is that every application has a different way...

by Abhinav Mishra
Tag: secure coding
02-Sep-2015