Deployed software, now-a-days, are continuously under attack. Attackers have been exploiting vulnerabilities for decades and seem to be increasing their attacks. Firewalls, intrusion detection and antivirus systems cannot simply solve this problem to the desirable extent. Only a concerted effort, by the software development community for building more secure software can foil attackers and allow users to feel protected from exploitation. It is observed that each phase of the SDLC should include the appropriate security assurance mechanism and countermeasures. From requirements through design and implementation to testing and deployment, security measures must be embedded throughout the SDLC phases. Authentication is one of the measure protection mechanisms, which is broadly accepted. Appropriate level of authentication may be well enforce security features and hence ensure security. A checklist is proposed, in this paper, which can enable assessment of appropriateness of authentication and lead to counter/additional measures for security assurance.

Keywords-Software Security, Security Assurance, Authentication Policy, Authentication Checklist