Hello friend,
We are super excited that you want to be part of the Product Security team at Zendesk.
To get started, you need to fork this repository to your own Github profile and work off that copy.
In this repository, there are the following files:
- README.md - this file
- project/ - the folder containing all the files that you require to get started
- project/index.html - the main HTML file containing the login form
- project/assets/ - the folder containing supporting assets such as images, JavaScript files, Cascading Style Sheets, etc. You shouldn’t need to make any changes to these but you are free to do so if you feel it might help your submission
As part of the challenge, you need to implement an authentication mechanism with as many of the following features as possible. It is a non exhaustive list, so feel free to add or remove any of it as deemed necessary.
- Input sanitization and validation
- Password hashed
- Prevention of timing attacks
- Logging
- CSRF prevention
- Multi factor authentication
- Password reset / forget password mechanism
- Account lockout
- Cookie
- HTTPS
- Known password check
You will have to create a simple binary (platform of your choice) to provide any server side functionality you may require. Please document steps to run the application. Your submission should be a link to your Github repository which you've already forked earlier together with the source code and binaries.
Thank you!