CheatSheetSeries
CheatSheetSeries copied to clipboard
Update: Credential_Stuffing_Prevention_Cheat_Sheet
What is missing or needs to be updated?
A couple of suggestions for the Credential Stuffing cheat sheet:
- MFA section should link to MFA cheat sheet (reciprocating the link to cred stuffing from MFA)
- With 2023 expansion in support for FIDO2 passkeys, the line that MFA may not be practical should be replaced with suggestion of passkeys to prevent cred stuffing.
How should this be resolved?
Changes suggested inline above. Could also mention FIDO UAF or U2F device bound software or hardware passkeys as well- not sure if this is getting too far into the weeds for a cheat sheet?
I like all of these ideas, PR!
@SCFTW awesome issue. Do you want to make a PR for this?
I'm working on these and a few other minor updates to the cred stuffing CS.