Bayt.com

Communiquez avec les autres et partagez vos connaissances professionnelles

Inscrivez-vous ou connectez-vous pour rejoindre votre communauté professionnelle.

Suivre

What are your perspectives on securing auth Tokens generated from a token based authentication system like JWT?

When a client authenticates with token based authentication, the server responds with a signed token, since the client has the token at hand, that authenticated client can still use the same token (from a different machine) or browser before the token expires!

Some developers store tokens in local storage which in insecure! I have heard suggestion to store the token in an encrypted cookie! but that still is insecure, how do we guarantee the authenticity of the client?

If a Key is provided to a client, that key can be missued and abused! whats the protection against this?

Strong Authentication Web Application Security
user-image
Question ajoutée par Ali Joudeh , Senior Full Stack Developer , Derq Systems FZ LLC
Date de publication: 2017/06/29
Apprécier (0) Vues (3) Suiveurs (1) Réponses (1) Report Question
Ajoutez Une Réponse
Inscrivez-vous ou connectez-vous pour répondre.
Ajidahun Desmond
par Ajidahun Desmond , Studio manager , Xds xcel digital solution

If your manger is not up to what is expected from him, then you have to be careful while doing work and take thing easy...

 

Ecrivez Votre Réponse
More Questions Like This

Avez-vous besoin d'aide pour créer un CV ayant les mots-clés recherchés par les employeurs?

Obtenir de l'aide