What Are Broken Authentication Vulnerabilities?
Hackers could gain access to private accounts via session IDs, information sharing, and more. Here’s what you need to know.
Hackers are a huge threat to both businesses and individuals. Authentication is supposed to keep them out of secure areas, but it doesn’t always work.
Cybercriminals have a range of tricks that can be used to impersonate legitimate users. This allows them to access private information that they are not supposed to see, which can then be used or sold.
Hackers are often able to access secure areas because of broken authentication vulnerabilities. So what are these vulnerabilities, and how can you prevent them?
What Are Broken Authentication Vulnerabilities?
A broken authentication vulnerability is any vulnerability that allows an attacker to impersonate a legitimate user.
A legitimate user typically logs in using either a password or a session ID. A session ID is something on the user’s computer that indicates that they have previously logged in. Whenever you are browsing the internet and aren’t asked to log in to one of your accounts, it’s because the account provider has found your session ID.
Most broken authentication vulnerabilities are problems with how either session IDs or passwords are handled. In order to prevent attacks, you need to look at how a hacker might utilize one of these items, and then modify the system to make doing so as difficult as possible.
How Are Session IDs Obtained?
Depending on how a system is designed, session IDs can be obtained in a range of different ways. Once the session ID is accepted, the hacker can access any part of the system that a legitimate user can.
Session Hijacking
Session hijacking is the act of stealing a session ID. This is often caused by the user making a mistake and causing their session ID to be readily available to somebody else.
If the user is using unsecured Wi-Fi, the data going to and from their computer won’t be encrypted. A hacker may then be able to intercept the session ID as it is sent from the system to the user.
A much easier option is if the user uses a public computer and forgets to log out. In this scenario, the session ID remains on the computer and can be accessed by anyone.
Session ID URL Rewriting
Some systems are designed in such a way that session IDs are stored in a URL. After logging in to such a system, the user is directed to a unique URL. The user can then access the system again by visiting the same page.
This is problematic because anyone who gains access to a user’s specific URL can impersonate that user. This may occur if a user is using unsecured Wi-Fi or if they share their unique URL with somebody else. URLs are often shared online and it’s not uncommon for users to share session IDs unknowingly.
How Are Passwords Obtained?
Passwords can be stolen or guessed in a range of different ways both with and without user help. Many of these techniques can be automated, allowing hackers to attempt to crack thousands of passwords in a single action.
Password Spraying
Password spraying involves trying out weak passwords in bulk. Many systems are designed to lock users out after multiple incorrect attempts.
Password spraying gets around this issue by attempting weak passwords on hundreds of accounts rather than trying to target an individual account. This allows the attacker to attempt passwords in bulk without alerting the system.
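The difference between the two views, as an added example that is not part of the original article: a per-account lockout counter misses the spraying source, while counting distinct failed accounts per source catches it. The log format, thresholds and IP addresses (documentation ranges) are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: timestamp, source IP, account, result.
SAMPLE_LOG = """\
2024-05-01T09:00:00 203.0.113.7 alice FAIL
2024-05-01T09:00:40 198.51.100.20 frank FAIL
2024-05-01T09:00:45 198.51.100.20 frank FAIL
2024-05-01T09:00:50 198.51.100.20 frank FAIL
2024-05-01T09:01:10 203.0.113.7 bob FAIL
2024-05-01T09:02:05 192.0.2.15 grace FAIL
2024-05-01T09:02:20 192.0.2.15 grace OK
2024-05-01T09:02:30 203.0.113.7 carol FAIL
2024-05-01T09:03:55 203.0.113.7 dave FAIL
"""

LOCKOUT_THRESHOLD = 3            # assumed: consecutive failures before lockout
SPRAY_ACCOUNTS = 4               # assumed: distinct accounts failed per source
WINDOW = timedelta(minutes=10)   # assumed: look-back window per source


def parse(log):
    for line in log.strip().splitlines():
        ts, source, account, result = line.split()
        yield datetime.fromisoformat(ts), source, account, result


def locked_accounts(log):
    """Per-account view: what a lockout rule alone would catch."""
    streak, locked = defaultdict(int), set()
    for _, _, account, result in parse(log):
        streak[account] = streak[account] + 1 if result == "FAIL" else 0
        if streak[account] >= LOCKOUT_THRESHOLD:
            locked.add(account)
    return sorted(locked)


def spraying_sources(log):
    """Per-source view: one source failing against many different accounts."""
    recent, flagged = defaultdict(list), set()
    for ts, source, account, result in parse(log):
        if result != "FAIL":
            continue
        recent[source] = [(t, a) for t, a in recent[source] if ts - t <= WINDOW]
        recent[source].append((ts, account))
        if len({a for _, a in recent[source]}) >= SPRAY_ACCOUNTS:
            flagged.add(source)
    return sorted(flagged)
```

On this sample the lockout rule only reports frank, while the per-source count reports 203.0.113.7. Sources shared by many real users (for example an office gateway) can trip the per-source rule, so the threshold needs tuning against normal traffic.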
Credential Stuffing
Credential stuffing is the act of using stolen passwords to attempt to access private accounts in bulk. Stolen passwords are widely available online. Whenever a website is hacked, user details can be stolen, and are often resold by the hacker.
Credential stuffing involves purchasing these user details and then trying them out on websites in bulk. Because passwords are often reused, a single username and password pair can often be used to log in to multiple accounts.
Phishing
A phishing email is an email which appears to be legitimate but is actually designed to steal people’s passwords and other private details. In a phishing email, the user is asked to visit a webpage and log into an account that they own. The webpage provided, however, is malicious and any information entered is immediately stolen.
How to Improve Session Management
The ability for a hacker to impersonate a user using session IDs depends on how a system is designed.
Don’t Store Session IDs in URLs
Session IDs should never be stored in URLs. Cookies are ideal for session IDs and are much more difficult for an attacker to access.
Implement Automatic Logouts
Users should be logged out of their accounts after a certain amount of inactivity. Once the session has been ended this way, a stolen session ID can no longer be used.
Rotate Session IDs
Session IDs should regularly be replaced even without requiring the user to log out. This acts as an alternative to automatic logouts and prevents a scenario where an attacker can use a stolen session ID for as long as the user does.
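The three session recommendations above combined in one place, as an added example that is not part of the original article: the ID is carried in a cookie, expires after inactivity, and is rotated while the user stays logged in. The class name, timeout values and in-memory storage are assumptions made for illustration.

```python
import secrets
import time

IDLE_TIMEOUT = 15 * 60      # assumed: log out after 15 minutes of inactivity
ROTATE_AFTER = 5 * 60       # assumed: issue a fresh ID every 5 minutes


class SessionStore:
    """In-memory session table: session ID -> user, last activity, issue time."""

    def __init__(self):
        self._sessions = {}

    def create(self, user, now=None):
        now = time.time() if now is None else now
        sid = secrets.token_urlsafe(32)          # 256 bits from the OS CSPRNG
        self._sessions[sid] = {"user": user, "seen": now, "issued": now}
        return sid

    def validate(self, sid, now=None):
        """Return (user, sid_to_send), or (None, None) if the ID is unusable."""
        now = time.time() if now is None else now
        record = self._sessions.get(sid)
        if record is None:
            return None, None
        if now - record["seen"] > IDLE_TIMEOUT:  # automatic logout
            del self._sessions[sid]
            return None, None
        record["seen"] = now
        if now - record["issued"] > ROTATE_AFTER:
            # Rotation: the old ID stops working as soon as a new one is issued.
            del self._sessions[sid]
            sid = secrets.token_urlsafe(32)
            record["issued"] = now
            self._sessions[sid] = record
        return record["user"], sid

    def logout(self, sid):
        self._sessions.pop(sid, None)


def session_cookie(sid):
    """Set-Cookie value: the ID travels in a cookie, never in the URL."""
    return (f"session={sid}; Path=/; Max-Age={IDLE_TIMEOUT}; "
            "Secure; HttpOnly; SameSite=Lax")
```

When `validate` returns a different ID from the one presented, the response must carry a new `Set-Cookie` header built with `session_cookie`.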
How to Improve Password Policies
All private areas should require strong passwords and users should be asked to provide additional authentication.
Implement Password Rules
Any system that accepts passwords should include rules regarding what passwords are accepted. Users should be required to provide a password of a minimum length and a mix of characters.
Make Two-Factor Authentication Mandatory
Passwords are easily stolen and the best way to prevent hackers from using them is to implement two-factor authentication. This requires a user to not only enter their password but also to provide another piece of information, usually stored only on their device.
Once implemented, a hacker won’t be able to access the account, even if they know the password.
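One common form of the second factor is a time-based one-time password (TOTP, RFC 6238), where the secret lives on the user's device and on the server. The following is an added example, not part of the original article, and the function names and the choice of TOTP are assumptions; it shows why a stolen password alone is not enough and why an already used code is rejected.

```python
import hashlib
import hmac
import struct


def totp(secret, at, step=30, digits=6):
    """RFC 6238 code for the 30-second interval containing time `at`."""
    counter = int(at) // step
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def second_factor_ok(secret, submitted, at, last_counter=-1, step=30, drift=1):
    """Return the accepted interval counter, or None if the code is rejected.

    `last_counter` is the counter of the last code this user already used;
    anything at or below it is refused so an observed code cannot be replayed.
    `drift` allows for clock skew of that many intervals either side.
    """
    now_counter = int(at) // step
    for counter in range(now_counter - drift, now_counter + drift + 1):
        if counter <= last_counter:
            continue
        expected = totp(secret, counter * step, step)
        if hmac.compare_digest(expected, submitted):   # constant-time compare
            return counter
    return None


def login(password_ok, secret, submitted, at, last_counter=-1):
    """Both factors are required; a correct password alone never succeeds."""
    if not password_ok:
        return None
    return second_factor_ok(secret, submitted, at, last_counter)
```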
Broken Authentication Vulnerabilities Are a Significant Threat
Broken authentication vulnerabilities are a significant problem on any system which stores private information. They allow hackers to impersonate legitimate users and access any area which is available to them.
Broken authentication typically refers to problems with how sessions are managed or how passwords are used. By understanding how hackers may attempt to access a system, it’s possible to make doing so as difficult as possible.
Systems should be designed so that session IDs are not easily accessible and don’t work longer than necessary. Passwords should also not be relied upon as the only means of user authentication.
Reference: https://www.makeuseof.com/what-are-broken-authentication-vulnerabilities/