Secure APIs with FastAPI and the Microsoft Identity Platform Transcripts
Chapter: Introduction to Identity
Lecture: Username and password databases
0:00
Our systems need to be able to store, retrieve and use digital identities in order to personalize our users' experiences and secure access to
0:10
sensitive information. User names and passwords have been in existence since the early days of computing.
0:16
We use them every day to sign into our computers, log into online banking, etc.
0:22
Storing and securing passwords has been a fundamental challenge for developers and security experts and an
0:29
opportunity for hackers to make a lot of money. I'm pretty sure that most of you taking this course have come across one or many
0:36
applications that use a user name and password database to store digital identities.
0:41
And therein lies the challenge, because creating a robust and secure identity system is much
0:47
more than just storing a user name and password in the database. You need to cryptographically secure this information.
0:54
So right from the beginning, enter the wonderful world of digital cryptography, but it doesn't stop there. This is only the beginning.
1:02
How do you protect your system from brute force attacks? How do you protect your system from denial of service attacks?
1:09
What about password resets? Should they be user-initiated and self-managed, or will you
1:14
have an admin to approve these requests? Then you have to think about two-factor and multi-factor authentication. Modern security requirements demand
1:24
MFA, which means that you now have to integrate with multiple other services
1:28
such as email, one-time password tools like Authy and Microsoft Authenticator, and text
1:34
messaging, and that is more. With the prevalence of biometric capabilities in computing, applications today need to be able to accommodate passwords,
1:44
logins, fingerprint and face login, and FIDO keys. And once you solve these problems, there are even more challenges, such as scalability and high
1:55
availability. How quickly can your database grow to accommodate new users and can you ensure
2:00
that it will be available and remain available to meet the uptime requirements of your application? Finally, as organizations and applications grow,
2:10
how do you manage users' roles, group membership, permissions and so on? How extensible will your identity system be?
2:19
It's also not uncommon for a company to have more than one user database lying around which creates additional challenges for admins.
2:26
The lack of a centralized identity system can create security holes in the infrastructure that could be
2:31
used by attackers to gain unlawful access to a system. The disparity of user name and password databases creates another important problem.
2:41
What happens when our digital identities need to access other resources and other systems not originally
2:47
intended for? Building a proprietary identity system reduces interoperability and integration that can inhibit business growth.
2:55
Looking back at all these challenges, it feels that we are in dire need of open standards that can be used
3:02
to build identity systems that can be easily integrated with any solution and are extensible enough to adapt to any business requirements.
3:11
This is what the OAuth2 and OIDC protocols were designed to solve, and this is what we'll be looking at in the next module.