AU

APP015: Password Reset Challenge/Response

Does the application use an EATDS-approved mechanism for password resets?

Guidance: It is a sound security practice to use a challenge/response mechanism to verify the user's identity for password reset, especially for high-criticality applications. Other mechanisms for low-criticality applications can be recommended by authentication guidelines or can be subject to business approval to ensure the risk is acceptable.

Replies
Please Sign In to submit new tickets or to reply to existing ones.

Ticket ID

T-00007

Created

January 21, 2021 05:38 PM

Product

QuickView