Multi-point authentication

1. What is a multi-point authentication defect?

The system allows the same user to authenticate on multiple terminals of the same type at the same time.

For example, the same account can be logged in from different browsers at the same time.
Log in to the system with the same account in browser A and in browser B. If both logins can operate normally during the same time period, the system has a multi-point authentication defect.

Best Practices

Provided that the business is not affected, key business systems should prohibit multi-point authentication. When the same account logs in elsewhere, the earlier login session should be invalidated, and the user should be notified that the account has been logged in from another location, which may indicate a risk of account theft.
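
One way to implement the behaviour described above, as an added example that is not part of the original post: an in-memory session store in which a new login invalidates the account's previous session and the displaced client receives a notice. The class `SingleSessionStore`, its method names, and the account and client names are assumptions made for illustration.

```python
import secrets


class SingleSessionStore:
    """Keeps at most one valid session per account (in-memory, illustrative)."""

    def __init__(self):
        self._active = {}    # account -> token of the current valid session
        self._sessions = {}  # token -> session record

    def login(self, account, client):
        """Call only after the credentials have been verified. Returns a token."""
        old = self._active.get(account)
        if old is not None:
            # Invalidate the earlier login and record why, so that the
            # displaced client can be told on its next request.
            self._sessions[old].update(valid=False, replaced_by=client)
        token = secrets.token_urlsafe(32)
        self._sessions[token] = {"account": account, "client": client, "valid": True}
        self._active[account] = token
        return token

    def check(self, token):
        """Return (ok, message) for a request that carries this token."""
        session = self._sessions.get(token)
        if session is None:
            return False, "Not logged in."
        if not session["valid"]:
            return False, ("This account was logged in from %s. If that was not "
                           "you, change your password." % session["replaced_by"])
        return True, ""

    def logout(self, token):
        session = self._sessions.pop(token, None)
        if session and self._active.get(session["account"]) == token:
            del self._active[session["account"]]


def demo():
    # Constructed sample: the same account logs in from two browsers in turn.
    store = SingleSessionStore()
    token_a = store.login("alice", "browser A")
    token_b = store.login("alice", "browser B")
    return store.check(token_a), store.check(token_b)
```

A production system would keep this state in the shared session backend and expire displaced records after the notice has been shown.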

Repair plan

Introduce single sign-on


Origin blog.csdn.net/weixin_36908494/article/details/108517678