Sign in
Log inSign up
Akinola Raphael

29 likes

155 reads

4 comments

Fawas Kareem
Fawas Kareem
Oct 14, 2023

This is really a nice article馃. I was hoping to see refresh token as one of the countermeasures. The use of refresh token This way you give the access token a short lifespan and give the refresh token a longer expiry time and maybe when the access token needs to be refreshed you also update the refresh token.

The refresh token can be encrypted as you stated in the article.

I love the relatable analogies you used.

3
1 reply
Akinola Raphael
Akinola Raphael
Author
Oct 14, 2023

Thanks for this amazing piece Fawas Kareem, indeed with refresh tokens, access tokens can have shorter lifespans, reducing the window for malicious activity.

1
Ebenezer Tomoye
Ebenezer Tomoye
Oct 14, 2023

馃憦

1
Shad Mirza
Shad Mirza
Oct 16, 2023

Great that you have added Countermeasures as well. Very well written.

1