From the course: Threat Modeling: Repudiation in Depth

Account takeover

- [Instructor] Account takeover is a common problem. People are bad at keeping their accounts secure, and frankly, we're bad at helping them. See my spoofing class for a lot of details, but after someone manages to log in as you, they can do whatever they want with your account: wire money, tweet, email your friends saying that you're trapped in a hotel in London. And after they've done those things, you have to repudiate their words or actions. Clean up. Or maybe you claim your account was taken over after a night of regrettable tweeting. So let's say you're a platform provider and someone claims their account was taken over and they want it back. What factors do you consider? Do you have their previous favorite pizza topping, first car or other security questions? Or did you discard those on change? Do you track when you send a password reset email and make that information easily available to investigators? Next, let's…