Authentication vulnerabilities are weaknesses in the mechanisms that verify user identity, potentially allowing unauthorized access to sensitive information and functionality.
Authentication Vulnerabilities Overview
Weak Password Policies
Plaintext Password Storage
Insecure Authentication Protocols
Insufficient Brute Force Protection
Insecure Password Recovery
Session Fixation
Insecure Credential Transmission
Missing Multi-Factor Authentication
Insecure OAuth Implementation
Hardcoded Credentials
Insufficient Logging and Monitoring
Default or Weak Credentials
Insecure Remember Me Functionality
Insecure Account Recovery Questions
Missing Account Lockout