12.4. Weak Authentication

Weak authentication practices can lead to exploits just as serious as those I've discussed so far, although these vulnerabilities can be more difficult to spot than the others. Weak authentication is exploitable when a malicious user can obtain another user's login credentials or privileges, either by monitoring network traffic or by brute-force password hacking. Such attacks are often harder to detect because the attacker logs in as if he were the other user, so any actions look legitimate.

Depending on your design requirements, you may want to apply the non-standard autocomplete="off" attribute to input elements. It was originally introduced by Microsoft for Internet Explorer but is now also honored by Mozilla-based web browsers. The attribute instructs the browser not to cache previously entered values for the field. With such caching, a user can sit down at a shared computer, place the cursor in the text field and press the down-arrow key to see a list of previously entered values. Although turning this caching off may be insignificant in itself, it is one additional step in an overall plan for increased security.
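One way to check rendered pages for fields that still allow value caching, as an added example that is not code from the book. It goes slightly beyond the text by also accepting autocomplete="off" set on the enclosing form element; the list of text-like input types, the function name audit and the sample markup are assumptions made for the illustration.

```python
from html.parser import HTMLParser

# Input types that accept typed text and so can have entered values cached (assumed list).
TEXT_TYPES = {"text", "password", "email", "tel", "search", "url"}

class AutocompleteAudit(HTMLParser):
    """Collect text-like <input> fields for which autocomplete is not "off"."""

    def __init__(self):
        super().__init__()
        self.form_off = False   # does the enclosing <form> set autocomplete="off"?
        self.findings = []      # (line number, field name) for each unprotected input

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        auto = (a.get("autocomplete") or "").strip().lower()
        if tag == "form":
            self.form_off = auto == "off"
        elif tag == "input" and (a.get("type") or "text").strip().lower() in TEXT_TYPES:
            # A value set on the input itself overrides the form's setting.
            off = auto == "off" if auto else self.form_off
            if not off:
                self.findings.append((self.getpos()[0], a.get("name") or "?"))

    def handle_endtag(self, tag):
        if tag == "form":
            self.form_off = False

def audit(html):
    """Return [(line, name), ...] for inputs whose values the browser may cache."""
    parser = AutocompleteAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample markup, not taken from the book.
SAMPLE = """<form method="post" action="login.php">
<input type="text" name="username">
<input type="password" name="password" autocomplete="off">
<input type="submit" value="Log In">
</form>
<form method="post" action="reset.php" autocomplete="off">
<input type="text" name="email">
<input type="text" name="nickname" autocomplete="on">
</form>"""

if __name__ == "__main__":
    for line, name in audit(SAMPLE):
        print(f"line {line}: input '{name}' allows cached values")
```

Current browsers' password managers may still offer to save and fill login fields regardless of this attribute, so a clean report covers only the form-history caching described above.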

Many of the Internet's early protocols seem to have been designed with the expectation that users were honest. Telnet, FTP, POP3, IMAP, HTTP and others all pass information—including login credentials—in plain text across the network. Sadly, not all users are honest and it is easy to configure a machine's network card ...
