Microsoft – Set up Multi-Factor Authentication for M365 3.5 3.5.2 3.5.3 Identification and Authentication
Guide for enforcing MFA for Microsoft 365
SEARCH RESULTS
NIST SP 800-63B: Digital Identity Guidelines 3.5 3.5.2 Identification and Authentication
This NIST Special Publication provides technical requirements for federal agencies implementing digital identity services.
Open Web Application Security Project (OWASP) – Authentication Cheat Sheet 3.5 3.5.2 Identification and Authentication
This cheat sheet from OWASP provides general authentication guidelines.
Open Web Application Security Project (OWASP) – Testing for Account Enumeration and Guessable User Account 3.5.2 3.5.7 3.5.8 3.5.9 csc4.2 Identification and Authentication
The scope of this test is to verify if it is possible to collect a set of valid usernames by interacting with the authentication mechanism of the application.
RCDevs 3.5 3.5.2 3.5.3 Identification and Authentication
OpenOTP is a phishing-resistant MFA solution.
RSA SecurID Access 3.5 3.5.2 3.5.3 Identification and Authentication
Secure access to your extended enterprise with RSA SecurID Access, the leading multi-factor authentication and identity assurance solution.
SANS – Password Construction Guidelines 3.5 3.5.10 3.5.2 3.5.7 3.5.8 3.5.9 Identification and Authentication
This SANS guideline provides best practices for creating secure passwords.
SANS – Password Protection Policy 3.5 3.5.10 3.5.2 3.5.7 3.5.8 3.5.9 Identification and Authentication
This is a sample password protection policy from SANS.
SANS Whitepaper – An Overview of Different Authentication Methods and Protocols 3.5 3.5.2 Identification and Authentication
This SANS whitepaper generalizes several authentication methods and authentication protocols.
SANS Whitepaper – Biometrics and User Authentication 3.5 3.5.2 Identification and Authentication
This SANS whitepaper looks at the use of biometrics technology to determine how secure it might be in authenticating users.