we have internal portal which we will use for configuration. How to implement anti phishing mechanism
1.which mechanism to use
2.how to use
thanks in advance
how to implement anti phishing mechanisn for a web application
739 views Asked by Be Positive At
1
Phishing protection are not only at your application level but also by making your users aware of what a phishing is. Even top-noch banks are vulnerable to phishing attacks.
I would suggest you:
A mechanism i've seen in a few banks is :
This way if a user is a victim of a phishing attack, the attacker must know not just his username but also the image that the user choose.
Also in case the user doesn't exists you should set up a fake image so you prevent a user enumeration attack.