Any creative solution to make it harder for hackers to copy your IdP login page?
Philip Brusten
philip.brusten at kuleuven.be
Tue Mar 27 06:22:49 EDT 2018
On 26/03/2018 21:57, Tom Scavo wrote:
> On Mon, Mar 26, 2018 at 3:47 PM, Wessel, Keith <kwessel at illinois.edu> wrote:
>> I'm wondering if anyone has come up with creative solutions to slow down hackers from doing this kind of thing.
> Not very creative but do you think an Extended Validation (EV)
> Certificate would help?
>
I made a popover using Hopscotch to highlight the importance of the
EV-certificate and that domain name suffix is from our domain.
In the end, that's the only thing you can do, try to educate your users.
To make it even better it would be good to customize it per browser
according to https://casecurity.org/browser-ui-security-indicators/
Kr,
Philip
[1] https://github.com/linkedin/hopscotch
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180327/9c72ffbd/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gdgkadpdghnmhjkk.png
Type: image/png
Size: 35344 bytes
Desc: not available
URL: <http://shibboleth.net/pipermail/users/attachments/20180327/9c72ffbd/attachment.png>
More information about the users
mailing list