There are 11 techniques in this category, Credential Hardening.
Credential Hardening techniques modify system or network properties in order to protect system or network/domain credentials.

- Strong Password Policy
  Modifying system configuration to increase password strength.
- User Account Permissions
  Restricting a user account's access to resources.
- Biometric Authentication
  Using biological measures in order to authenticate a user.
- Certificate-based Authentication
  Requiring a digital certificate in order to authenticate a user.
- Certificate Pinning
  Persisting either a server's X.509 certificate or its public key and comparing that to the server's presented identity to allow for greater client confidence in the remote server's identity for SSL connections.
- Credential Transmission Scoping
  Limiting the transmission of a credential to a scoped set of relying parties.
  Phishing Resistant Authentication
- Domain Trust Policy
  Restricting inter-domain trust by modifying domain configuration.
- Multi-factor Authentication
  Requiring proof of two or more pieces of evidence in order to authenticate a user.
- One-time Password
  A one-time password is valid for only one user authentication.
- Credential Rotation
  Expiring an existing set of credentials and reissuing a new valid set.

A knowledge graph of cybersecurity countermeasures