To continue with this content, please log in with your Data Access ID or create a new account.
Cancel Data Access ID
You may not be authorized to see this content. Please contact Data Access Europe for more information.
Cancel Data Access Europe
You are not authorized to see this content.
Cancel Data Access Europe
Next lesson:

Security the Basics

Lesson 20: Authentication – Loose ends

The security of any system is determined by its weakest parts. Hackers are creative and will try unexpected things. It is impossible to create a single library that can do everything. 

Therefore, it is recommended that developers do what they can outside the scope of the existing library to secure their applications. For example, it is recommended to use a captcha, or something similar, when a user is registering on a web application without any specific invitations. 

Rate limiting is recommended upon login. This isn’t currently available in DataFlex, but there are external tools, such as a web application firewall, that can be used. 

Recovery wasn’t discussed in this series but is important when needing users lose their passcode or second factor key. 

Encryption key storage, though not thoroughly discussed, is extremely important; it must be stored in a secure place, and not with the encrypted data. 

To stay current with ever-changing security needs, it is important to stay up-to-date with the latest version of DataFlex and the security library to stay on top of recent developments.