ASVS Requirement 6.6.3

• Level: 2
• Chapter: V6 Authentication
• Section: V6.6 Out-of-Band authentication mechanisms
• Source: 0x15-V6-Authentication.md

Description

Verify that a code based out-of-band authentication mechanism is protected against brute force attacks by using rate limiting. Consider also using a code with at least 64 bits of entropy.