Broken authentication attack definition
A broken authentication attack is an umbrella term for attacks that exploit authentication or session vulnerabilities to impersonate other users online. Web applications, for example social media platforms, require users to authenticate themselves by providing login credentials. In a broken authentication attack, an attacker uses weaknesses in session management or credential management to log in with someone else’s identity and act as that user.
Session management weaknesses
Every time a user logs in, the platform issues a session ID that identifies their subsequent requests, so the user does not have to re-enter credentials on every page. If an attacker steals that session ID, they can present it to the platform and continue the session as that user. The attacker then has access to all information and functions that are available to the user.
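The paragraph above describes session IDs but not the server-side controls that limit the damage when one leaks. The following Python is an added example, not code from the original page or from NordVPN: a hypothetical in-memory session store that issues session IDs from the operating system's CSPRNG, rotates the ID when a user authenticates (so an ID captured before login cannot be replayed afterwards), expires sessions on idle and absolute timeouts, invalidates them on logout, and emits a cookie header with the Secure, HttpOnly and SameSite attributes. The class name, timeout values and injectable clock are assumptions made for this example.

```python
import secrets
import time

SESSION_ID_BYTES = 32            # 256 bits of entropy per session ID
IDLE_TIMEOUT = 15 * 60           # seconds of inactivity before a session dies (assumed value)
ABSOLUTE_TIMEOUT = 8 * 60 * 60   # hard cap on session lifetime regardless of activity (assumed value)


class SessionStore:
    """Hypothetical in-memory session store; a real application would back this with a cache or database."""

    def __init__(self, clock=time.time):
        self._sessions = {}   # session ID -> {"user", "created", "last_seen"}
        self._clock = clock   # injectable so tests can advance time deterministically

    def create(self, user):
        """Issue a fresh, unguessable session ID for `user` (use "guest" before login)."""
        sid = secrets.token_urlsafe(SESSION_ID_BYTES)
        now = self._clock()
        self._sessions[sid] = {"user": user, "created": now, "last_seen": now}
        return sid

    def login(self, old_sid, user):
        """Rotate the session ID on authentication: drop the pre-login session and mint a new one."""
        if old_sid is not None:
            self._sessions.pop(old_sid, None)
        return self.create(user)

    def lookup(self, sid):
        """Return the user bound to `sid`, or None if the ID is unknown or has expired."""
        entry = self._sessions.get(sid)
        if entry is None:
            return None
        now = self._clock()
        idle_expired = now - entry["last_seen"] > IDLE_TIMEOUT
        absolute_expired = now - entry["created"] > ABSOLUTE_TIMEOUT
        if idle_expired or absolute_expired:
            del self._sessions[sid]   # expired IDs are purged so a stolen one stops working
            return None
        entry["last_seen"] = now
        return entry["user"]

    def logout(self, sid):
        """Invalidate the session server-side; clearing the cookie in the browser alone is not enough."""
        return self._sessions.pop(sid, None) is not None


def session_cookie_header(sid):
    """Set-Cookie value: HTTPS-only, unreadable from script, and not sent on cross-site navigations."""
    return f"session={sid}; Secure; HttpOnly; SameSite=Lax; Path=/"


if __name__ == "__main__":
    store = SessionStore()
    guest = store.create("guest")
    sid = store.login(guest, "alice")
    print("old ID still valid after login?", store.lookup(guest) is not None)   # False
    print("new ID resolves to:", store.lookup(sid))                               # alice
    print(session_cookie_header(sid))
```

Rotating the ID at login and expiring it on the server are what make a leaked session ID short-lived; the cookie attributes reduce the chances of it leaking through plaintext HTTP or injected script in the first place.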
Credential management weaknesses
During login, the user must provide the correct username and password, or other information that only they would know. Because many users manage passwords poorly (reusing them across sites, never changing them, storing them in plaintext), attackers can carry out successful credential stuffing, dictionary, and phishing attacks.
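Credential stuffing and dictionary attacks leave a recognisable pattern in authentication logs, which is where a platform can detect them. The following Python is an added example, not code from the original page or from NordVPN: a small detector run over constructed login log lines in an assumed `timestamp ip user=... result=ok|fail` format. It flags an IP as credential stuffing when, inside a sliding window, it produces many failures spread across many distinct usernames (one leaked password list tried against many accounts), and flags a username as under dictionary attack when it accumulates many failures regardless of source. The thresholds, log format and sample addresses are all assumptions for the example.

```python
import re
from collections import defaultdict, deque

WINDOW_SECONDS = 60       # sliding window for counting failures (assumed value)
STUFFING_FAILS = 5        # failures from one IP inside the window ...
STUFFING_USERS = 5        # ... spread across at least this many distinct usernames
DICTIONARY_FAILS = 5      # failures against one username inside the window

# Assumed log line format: "<unix_ts> <client_ip> user=<name> result=ok|fail"
LOG_RE = re.compile(r"^(?P<ts>\d+) (?P<ip>[\d.]+) user=(?P<user>\S+) result=(?P<result>ok|fail)$")

# Constructed sample log (RFC 5737 documentation addresses, fictitious users):
# 203.0.113.5 tries five different accounts in five seconds (credential stuffing);
# 198.51.100.7 hammers the single account "frank" (dictionary attack);
# 192.0.2.9 mistypes once and then logs in normally.
SAMPLE_LOG = """\
1000 203.0.113.5 user=alice result=fail
1001 203.0.113.5 user=bob result=fail
1002 203.0.113.5 user=carol result=fail
1003 203.0.113.5 user=dave result=fail
1004 203.0.113.5 user=erin result=fail
1005 203.0.113.5 user=bob result=ok
1050 192.0.2.9 user=grace result=fail
1055 192.0.2.9 user=grace result=ok
1100 198.51.100.7 user=frank result=fail
1110 198.51.100.7 user=frank result=fail
1120 198.51.100.7 user=frank result=fail
1130 198.51.100.7 user=frank result=fail
1140 198.51.100.7 user=frank result=fail
"""


def parse(log_text):
    """Parse log lines into (ts, ip, user, result) tuples, sorted by time; unparseable lines are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if m:
            events.append((int(m["ts"]), m["ip"], m["user"], m["result"]))
    events.sort(key=lambda e: e[0])
    return events


def analyze(log_text):
    """Return the IPs showing a credential-stuffing pattern and the users under dictionary attack."""
    ip_fails = defaultdict(deque)     # ip   -> deque of (ts, user) failures inside the window
    user_fails = defaultdict(deque)   # user -> deque of failure timestamps inside the window
    stuffing_ips, dictionary_users = set(), set()

    for ts, ip, user, result in parse(log_text):
        if result != "fail":
            continue

        q = ip_fails[ip]
        q.append((ts, user))
        while q and ts - q[0][0] > WINDOW_SECONDS:   # drop failures that fell out of the window
            q.popleft()
        if len(q) >= STUFFING_FAILS and len({u for _, u in q}) >= STUFFING_USERS:
            stuffing_ips.add(ip)

        uq = user_fails[user]
        uq.append(ts)
        while uq and ts - uq[0] > WINDOW_SECONDS:
            uq.popleft()
        if len(uq) >= DICTIONARY_FAILS:
            dictionary_users.add(user)

    return {
        "credential_stuffing_ips": sorted(stuffing_ips),
        "dictionary_attack_users": sorted(dictionary_users),
    }


if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

Distinguishing the two patterns matters for the response: a stuffing source is best handled by throttling or blocking the IP, while a single account under dictionary attack calls for temporary lockout or step-up authentication on that account, and in both cases a successful login following the burst (as for "bob" above) deserves a closer look.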
Preventing broken authentication attacks
- Always use strong passwords and never reuse old credentials.
- Opt for a reliable password manager with strong encryption algorithms, like NordPass.
- If you’re not the only person who uses the device, log out of all your accounts after you’re done.
- Use NordVPN to encrypt your traffic and prevent attackers from snooping on your browsing.