CHAPTER 4 ATTACKING WEB AUTHENTICATION

Authentication plays a critical role in the security of a web application since all subsequent security decisions are typically made based on the identity established by the supplied credentials. This chapter covers threats to common web authentication mechanisms, as well as threats that bypass authentication controls entirely.

WEB AUTHENTICATION THREATS

We’ve organized our discussion in this section loosely around the most common types of authentication prevalent on the Web at the time of this writing:

Username/password: Because of its simplicity, this is the most prevalent form of authentication on the Web.

Strong(er) authentication: Since it’s widely recognized that username/password authentication ...
