Security Corner:
Secure Tokens

By Eric Mann

Any application aimed at presenting users with a premium, seamless UX must take account of the times when user authentication fails. What happens when a user forgets their password? What can we do to confirm sensitive operations using email or other out-of-band communication? How can we make an application easy to use while also keeping it secure? One mechanism, which protects both password reset links and other secure actions taken by way of an out-of-band confirmation is that of secure tokens.

Read in Full

This article was originally published in the August 2018 issue of php[architect] magazine. To read the complete article please subscribe or purchase the complete issue.

Leave a comment

Use the form below to leave a comment: