Authentication
122. Validate credential ownership237. Ascertain human interaction153. Out of band transactions238. Establish safe recovery225. Proper authentication responses264. Request authentication226. Avoid account lockouts319. Make authentication options equally secure227. Display access notification328. Request MFA for critical systems228. Authenticate using standard protocols334. Avoid knowledge-based authentication229. Request access credentials335. Define out of band token lifespan231. Implement a biometric verification component362. Assign MFA mechanisms to a single account232. Require equipment identity368. Use of indistinguishable response time235. Define credential interface382. Human in the loop236. Establish authentication time