在 Javascript 中可以接受 PIN 缓存吗?
[英]Is PIN caching acceptable in Javascript?
问题描述
I have a web service that prompts for the user credentials (PIN) before requesting for the smart card.
我有一个 Web 服务,它会在请求智能卡之前提示输入用户凭据 (PIN)。 My question is: Are there any security guidelines regarding PIN caching?我的问题是:是否有任何关于 PIN 缓存的安全指南?
1 个解决方案
解决方案1
1 2020-10-04 08:46:30
PIN caching is on the convenience side of the security vs. convenience scale. PIN 缓存处于安全与便利规模的便利方面。 Asking for the PIN before the card is even known is at the very least suspicious.在知道卡之前询问 PIN 码至少是可疑的。 Caching is in general weakening the security and one has to decide, whether that is acceptable: what are you trying to prove with PIN entry and is it sufficient to know, that the card holder was present earlier?缓存通常会削弱安全性,人们必须决定这是否可以接受:您试图通过 PIN 输入证明什么,是否足以知道持卡人较早出现?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.