passwordless authentication

Security has been a problem recently, such as Windows authentication, asymmetric encryption, digital certificates, digital signatures, TLS/SSL, and WS-Security. If time permits, I would like to write a series of articles to share and exchange with the majority of users. For many readers, Windows certification is a familiar and unfamiliar topic. Directory1. Introduction to Kerberos Authentication2. How to obtain the "subscription Certificate "?3. How

Several common authentication mechanisms HTTP Basic AuthThe HTTP basic Auth simple point description is to provide the user's username and password each time the API is requested, in short, Basic auth is the simplest authentication method to use with the restful API, just provide a username and password, However, due to the risk of exposing usernames and passwords to third-party clients, there is a growing

Pam's configuration file:We note that the configuration file is also placed in the application interface layer, which is used in conjunction with the PAM API to achieve the flexibility of inserting the required authentication module in the application. His main role is to select specific identification modules for the application, the combination of modules and the behavior of the specified modules. Here is a sample configuration file: # cat/etc/pam.d

LDAP Unified authentication solution under Linux--http://www.cangfengzhe.com/wangluoanquan/3.htmlEnterprises need to authenticate a lot of services, employees need to remember a lot of passwords, even if the same password settings for these services, there is a great security risk. The author of the current work of the enterprise is so, every new employee to the arrival of the administrator to initialize a lot of passwords, and these passwords are set

Digital Certificate and its authentication process [reprinted], digital certificate reprinted As we all know, public key cryptography makes it easy to use digital signatures, encrypted communications, and other key services by using the public key and private key pair. The reason why public key technology can be widely used is that for entities that use the public key in the key pair to obtain the Security Service, they can easily obtain the public ke

When designing and maintaining websites, users often need to restrict access to some important files or information. Generally, we can adopt an HTTP-based user authentication mechanism built into the WEB server. When designing and maintaining websites, users often need to restrict access to some important files or information. Generally, we can adopt an HTTP-based user authentication mechanism built into th

This article mainly introduces the usage of php form-based password verification and HTTP authentication, and analyzes in detail the principles and precautions of form-based password verification and HTTP authentication in the form of instances, it has some reference value. if you need it, you can refer to the example in this article to describe how php uses form-based password verification and HTTP verific

In the previous article "detailed security threat control measures" in the cissp development path series specially planned by 51cto Security Channel, j0ker briefly introduced the Identity Recognition Knowledge in access control CBK. After accessing entities (users, processes, and so on) to provide their own unique identification information for access to information resources, the information system needs to use some technical means to determine whether the access entity is in line with the iden

"Experimental purposes" OSPF authentication has 2 aspects one is the area authentication, the other is the interface authentication; The two must be combined to work. In the experiment, demonstrate how to use the OSPF authentication. In the experiment we do the authentication