Authentication

Overview

This section contains recommendations for the implementation of authentication mechanisms.

Reuse existing authentication mechanisms to avoid duplication and attack surface expansion.

General practices

Authentication scheme	Proof of identity	Pages
Authentication with login and password	login & password	Authentication with Login and Password
Authentication with email and password	email & password	Authentication with Login and Password
Authentication with a phone number and an one-time code	phone number & one-time password	Authentication with Phone Number
OAuth2 authentication	third-party system	OAuth 2.0 Authentication
Multi-factor authentication	one time password	Multi-factor Authentication