O'Reilly logo

Improving Web Application Security: Threats and Countermeasures by Microsoft Corporation

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Authentication

Examine how your application authenticates its callers, where it uses authentication, and how it ensures that credentials remain secure while in storage and when passed over the network. Vulnerabilities in authentication can make your application susceptible to spoofing attacks, dictionary attacks, session hijacking, and other attacks. Table 5-2 highlights the most common authentication vulnerabilities.

Table 5-2. Common Authentication Vulnerabilities

Vulnerability

Implications

Weak passwords

The risk of password cracking and dictionary attacks increase.

Clear text credentials in configuration files

Insiders who can access the server or attackers who exploit a host vulnerability to download the configuration file have immediate access ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required