|
Work item:
|
X.gpwd
|
|
Subject/title:
|
Threat Analysis and guidelines for securing password and password-less authentication solutions
|
|
Status:
|
[Carried to next study period]
|
|
Approval process:
|
AAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
-
|
|
Liaison:
|
-
|
|
Supporting members:
|
-
|
|
Summary:
|
This Recommendation performs security and threat analysis of authentication solutions that are based on some form of a shared secret. The work takes a close look into security risks associated with password systems and emerging password-less solutions.
The Recommendation performs threat analysis and develop guidelines and best practices for the protection of users and accounts based on these methods. This work represents a bridge to be used for those adopters that need to support legacy solutions as they do migrate to stronger authentication methods such as FIDO (X.1277 and X.1278).
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2020-09-11 11:09:10
|
|
Last update:
2021-09-10 12:56:35
|
