Authentication intermediate 50 mins

Broken Authentication

Comprehensive coverage of authentication vulnerabilities including weak credentials, session management flaws, and JWT misconfigurations. Practice credential stuffing, session fixation, and token forgery attacks.

Hands-on Labs
Real-world Scenarios
Immediate Feedback
1

Introduction to Broken Authentication

theory

Overview of authentication failures, their causes, and impacts.

Introduction to Broken Authentication

What is Broken Authentication?

Broken Authentication refers to weaknesses in authentication and session management that allow attackers to compromise passwords or impersonate users.

Common Issues

  • Weak/default passwords
  • Brute-force or credential stuffing
  • Predictable session IDs
  • Insecure password reset flows
  • JWT misconfigurations (alg=none)

Knowledge Check

Which control mitigates credential stuffing?