Broken Authentication

Broken authentication happens when the application functions responsible for authentication and session management are implemented poorly. This allows attackers to compromise passwords or session tokens.

Example

Most broken authentication attacks occur because passwords continue to be used as the sole factor for authentication. Password rotation and complexity requirements are also viewed as encouraging users to choose and reuse weak passwords.

Impact

Attackers need to gain access to only a few accounts, or just one admin account, to compromise the whole system. Depending on the domain of the application, this may enable social security fraud or identity theft and disclose legally protected, highly sensitive information.

Mitigation / Precaution

  • Temporarily blocking an IP address that originated a high number of authentication errors within a brief period.
  • A tight password policy that rejects weak or well-known passwords and forbids the use of default admin credentials.
  • Rotating the session ID after a successful login, so the pre-login session ID is never promoted to an authenticated one.
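
As an added example (not code from the article), here is a minimal Python login service that applies the three measures above: a temporary block on an IP after a burst of authentication failures, rejection of weak, well-known and default credentials, and rotation of the session ID after a successful login. The class name, thresholds and the password denylist are assumptions constructed for the demo; in a real deployment the client IP must come from a trusted source such as your proxy configuration.

```python
import hashlib, hmac, secrets, time
from collections import defaultdict

# Constructed demo settings (not from the article); tune them for production.
WEAK_PASSWORDS = {"password", "123456", "qwerty", "admin"}
DEFAULT_CREDENTIALS = {("admin", "admin")}
MIN_LENGTH, MAX_FAILURES, BLOCK_SECONDS = 12, 5, 900
PBKDF2_ROUNDS = 100_000  # kept low for the demo; raise it in production

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)

class AuthService:
    def __init__(self, now=time.time):
        self.now = now                      # injectable clock for tests
        self.users = {}                     # username -> (salt, hash)
        self.sessions = {}                  # session id -> username or None
        self.failures = defaultdict(list)   # client ip -> failure timestamps
        self.blocked_until = {}             # client ip -> unblock timestamp

    def register(self, username, password):
        # Tight password policy: no short, well-known or default credentials.
        if (len(password) < MIN_LENGTH or password.lower() in WEAK_PASSWORDS
                or (username, password) in DEFAULT_CREDENTIALS):
            raise ValueError("weak, well-known or default password rejected")
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, _hash(password, salt))

    def _record_failure(self, ip):
        t = self.now()
        recent = [x for x in self.failures[ip] if t - x < BLOCK_SECONDS] + [t]
        self.failures[ip] = recent
        if len(recent) >= MAX_FAILURES:    # burst of errors: temporary IP block
            self.blocked_until[ip] = t + BLOCK_SECONDS

    def login(self, ip, pre_login_sid, username, password):
        # Returns a fresh session id on success, None on failure or while blocked.
        if self.blocked_until.get(ip, 0) > self.now():
            return None
        rec = self.users.get(username)
        if rec is None or not hmac.compare_digest(rec[1], _hash(password, rec[0])):
            self._record_failure(ip)
            return None
        # Rotate: drop the pre-login id so a fixated or leaked id is never
        # promoted to an authenticated session, then issue a new random one.
        self.sessions.pop(pre_login_sid, None)
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = username
        self.failures.pop(ip, None)         # clear the counter on success
        return sid
```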
