Vulnerabilities in this category include failure to properly check the authentication of the user or bypassing the authentication system altogether. Authentication vulnerabilities, like input validation vulnerabilities, are generally caused by programmers assuming that users will behave in a certain way and they fail to foresee the consequences of users doing something unexpected. A very basic example of an authentication vulnerability, found in web applications or network equipment is where the application simply asks for a username and password at the login page and then allows authorized users unrestricted access to other web pages without any further checks. The problem with this is that it assumes that ...