Authentication issues
Authentication in a web application plays an important role as it verifies the identity of the user and allows the user to view and interact with only those contents that the user is authorized to access. In a web application, authentication is usually done by a combination of username and password.
Authentication protocols and flaws
Authentication is done in web applications using the following methods:
- Basic authentication
- Digest authentication
- Integrated authentication
- Form-based authentication
Basic authentication
In basic authentication, the username and password is transmitted over the network using the Base64 encoding which is very easy to reverse and acquire the clear text password. The credentials can easily be sniffed by ...
Get Web Penetration Testing with Kali Linux - Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.