B4X FEED Password-free login to a secure site

اطلاعات موضوع

درباره موضوع در تاریخ, در دسته b4xfeed ایجاد شده و آغاز کننده آن practicalsoftمی باشد و موضوع آن: Password-free login to a secure site است. این موضوع تا کنون 42 بازدید کننده و, 0 پاسخ داشته و 0 بار پسندیده شده...
نام دسته b4xfeed
نام موضوع Password-free login to a secure site
آغاز کننده موضوع practicalsoft
تاریخ شروع
پاسخ‌ها
0
بازدیدها
42
پسندها
0
آخرین ارسال توسط PracticalSoft
وضعیت
موضوع بسته شده است و نمی‌توان پاسخ جدیدی فرستاد.
Jun 6, 2020
11,559
4,422
This isn't a complete project - just a part of one, but I thought it worth sharing, both because it might inspire others and people might spot a security flaw I've missed.

Background: the site I run is a social network, and we also have apps built in B4X, which talk to the system via an API built around JSON data posted to an endpoint encrypted using TLS. I often have problems with users who've forgotten passwords - especially if they tend to use the app. When the app is set up, it asks for permission to use your account, and once that's done, it doesn't ask for anything more (a bit like oAuth, but less convoluted). You can, if you want, tell the app to request a PIN or biometric id when it starts.

So, since people tend to carry their phones, on which they can easily authorise themselves in a number of ways, and forget passwords, I wanted to find a way people could sign in to the site without a password, while still maintaining security. This is the result.

The user goes to the...



 

وضعیت
موضوع بسته شده است و نمی‌توان پاسخ جدیدی فرستاد.
عقب
بالا