IdentityManagement: Revision history

8 November 2023

• curprev 13:3013:30, 8 November 2023‎ RobertBushman talk contribs‎ 2,913 bytes +92‎ →‎Secret Key Blast Radius
• curprev 13:2813:28, 8 November 2023‎ RobertBushman talk contribs‎ 2,821 bytes +119‎ →‎Secret Key Blast Radius
• curprev 13:2713:27, 8 November 2023‎ RobertBushman talk contribs‎ 2,702 bytes +5‎ →‎Token Blast Radius

• curprev 13:2613:26, 8 November 2023‎ RobertBushman talk contribs‎ 2,697 bytes +2,697‎ Created page with "Category:Infosec = JWT = == Token Blast Radius == I asked GPT for some tips on minimizing blast radius, to see if I was missing any options. * '''Use Short-Lived Access Tokens''': By making the JWT access tokens short-lived, you limit the time an attacker has to use a stolen token. Typically, access tokens can have a lifetime of minutes to hours. * '''Implement Refresh Tokens''': To complement short-lived access tokens, use longer-lived refresh tokens that are used s..."