HACKING EXPOSED WEB APPLICATIONS, 3rd Edition by Sima Caleb, Liu Vincent, Scambray Joel

CHAPTER 4 ATTACKING WEB AUTHENTICATION

Authentication plays a critical role in the security of a web application since all subsequent security decisions are typically made based on the identity established by the supplied credentials. This chapter covers threats to common web authentication mechanisms, as well as threats that bypass authentication controls entirely.

WEB AUTHENTICATION THREATS

We’ve organized our discussion in this section loosely around the most common types of authentication prevalent on the Web at the time of this writing:

Username/password: Because of its simplicity, this is the most prevalent form of authentication on the Web.

Strong(er) authentication: Since it’s widely recognized that username/password authentication ...
