A.8.5 — Secure authentication
This control implements strong authentication mechanisms, such as multi-factor authentication, to verify user identities and prevent unauthorized access.
| Property | Value |
|---|---|
| Section | technical |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-AUTH-01 | FIDO2/WebAuthn Passwordless Authentication |
| SID-AUTH-02 | JWT Bearer Token Session Management |
| SID-AUTH-03 | OIDC Gate for External Identity Providers |
| SID-AUTH-04 | WebSocket JWT Handshake Authentication |
Source: ISO/IEC 27001:2022 Annex A