Feature FEA102 - Securely authenticate user accounts
| Document Type | Feature Description |
| Feature | FEA102 |
| Author | Aapo Hölttä |
| Version | 0.1 |
| Date | 12.04.2024 |
Description
Securely authenticate user accounts by enforcing strong password policies, implementing Multi-Factor Authentication (MFA), and hashing passwords with strong algorithms.
Ensure encrypted communication using HTTPS, and apply account lockout policies to prevent unauthorized access.
Consider biometric authentication and conduct regular security audits for ongoing protection.
Manage sessions securely with random identifiers and timeouts, and continuously monitor authentication events for suspicious activities while educating users on best security practices.
Feature-related restrictions, requirements use cases
- Gather all relevant sources related to the implementation of the feature *
| Linked Use Cases | Usecase |
| Linked Requirements | ReqID list |
| Constraints | Constraint |
| Documentation links | - |
User Storys related to feature
US002 As a user, I want to be able to create an account and securely authenticate myself to the web app.
US004 As a customer I want secure authentication mechanisms, such as password hashing and session management, to protect user accounts.
Testing / possible approval criteria
- Record a few notes for testing *
| Test Case | Description |
|---|---|
| Acceptance Test Case | Hyväksyntätesti |
| Functional System Test Case | Testitapaus |
| Security Test Case | Testitapaus |