ASVS Requirement 6.1.1

• Level: 1
• Chapter: V6 Authentication
• Section: V6.1 Authentication Documentation
• Source: 0x15-V6-Authentication.md

Description

Verify that application documentation defines how controls such as rate limiting, anti-automation, and adaptive response, are used to defend against attacks such as credential stuffing and password brute force. The documentation must make clear how these controls are configured and prevent malicious account lockout.