Document 20 detailed security requirements for inclusion in an RFP. These requirements should focus specifically on security of the logon process (authentication) of users into a networked application.
For each requirement you provide, you must also identify the method (via testing, inspection, analysis) that will be used to verify that the application complies with the requirement. Be sure to identify what success and failure look like in the verification tests