What is broken authentication?
7 minute(s) read
Published on: Nov 20, 2021
Updated on: Mar 13, 2022
What is a broken identity?
Broken authentication is one of the terms used to attack and damage users' systems and user accounts. Attackers and hackers use this method, another method of attack, to forge users' personal information, such as usernames and passwords, online and log in to their system. They generate user logins and log in to their user accounts or systems. In other words, we can say that broken authenticity indicates the existence of weaknesses in the two points of meeting management and credential management.
In recent years, and according to statistics, the use of broken authentication tricks is one of the most dangerous ways that has been used to hack and attack systems. Security experts have repeatedly warned users to be vigilant not to be hacked and attacked by hackers. It is worth mentioning that according to the statistics shown, hacking and attacking users' systems and user accounts through broken authentication is one of the most dangerous methods that has reached the second rank of Sat. This means that hackers use this trick more, and users should be careful not to be attacked by this type of hacking method.
How can meet management cause attackers to attack the system?
It should be noted that session management is one of the parts of broken authentication. Many of the Haya Web applications use users' information to log in. If there is a meeting to enter this critical and personal information, hackers can attack and exploit it. Users enter their data, such as username and password, to log in. After entering, their data is stored in the database, and they do not need to re-enter it. Enter. If there is a problem or session in this section that hackers can exploit, they can quickly be informed of the data that users enter and then attack their system.
Having a meeting or a weakness in authenticating the user and entering their data, which is the username and password, it is said that hackers can easily exploit these weaknesses and cause hacking of the system and their user accounts.
What are the attacks that hackers can carry out in meetings?
Session theft is called session ID theft, through which a hacker can easily log into a user's account. The simplest example of session theft is when the user logs into an account, forgets to deactivate the session and moves away from the phone and system. In this case, a hacker can enter the user's account by abusing the active session. Rewrite the URL of the session ID: Hackers can use to steal the session is to rewrite the URL. A user's session ID is displayed on the website URL in this type of hacking. Anyone who can see this session ID, which is like an insecure Wi-Fi connection, can attend the session and hack the broken Wi-Fi session on the day of the broken authentication. Session authentication: This method of hacking can also be done so that attackers identify the session ID that the victim will use. Then, the attacker and hacker will send a link to the user, and the victim that has Is the session ID. This link sent by the attacker to the victim refers to a source that forces the victim and the user to log in to the system, and then the authentication is broken, and the victim's account is misused. If the web application can continue the broken authentication status, the attacker will be able to forge the identity of the user and the victim before logging in. Even if one of the attackers or victims can continue the session, the server can detect that the session ID matches the valid session ID and allow them access to all resources.
Use of weak credentials by attackers
In recent years, attackers have found that systems can be accessed by exploiting weak credentials and others.
When attackers have access to a system with an extensive database and user information, they can sell the data and information to other hackers. Hackers and attackers also use the credentials of other users' accounts to test the stolen credentials on different types of accounts. Of course, it should be noted that this type of attack method occurs because people use the same passwords. There are currently many accounts that have been hacked by hackers and attackers and sold to other people to use those credentials to gain access to other accounts.
This type of method is like abuse and credential testing. Still, the difference is that this method uses stolen or weak passwords instead of working and mastering users' credentials in a database. An experiment was conducted by NCSC that Indicates that 23 million accounts use 123456 as their password. This is while other people use sports names or insulting words. Password Spraying is a brute force attack that is blocked due to entering a password with a frequent and incorrect number of IP addresses.
Phishing attacks are also a form of hacked authentication, in which hackers create a fake page to persuade users to share important and personal data, such as a username. And enter the password. After users enter their essential data, username, and password, hackers can use that data to log into other user accounts easily and easily hack users.
Spear phishing, also called targeted phishing, is one of the methods that can motivate users through their emotions. In this way, attackers try to persuade users by stimulating their feelings to hack them easily. In this case, they create an email with your name and sister and email you a link to persuade you to enter your information.
How can attacks be prevented?
It is essential to know that to prevent attacks. You must take training courses for your employees or yourself and then resist these types of attacks and prevent them.
- Teach your employees how to deal with phishing:
It is better to increase the security of your system and data ( in German: um die Sicherheit Ihres Systems und Ihrer Daten zu erhöhen )for your employees, not to identify and deal with phishing so that they do not click on them when they encounter suspicious emails, and if do not click to enter important data in their fake pages.
- Learn how to protect your data against brute force attacks:
It is essential to know that attacks that are broken by authentication, in addition to destroying and stealing your data, can even damage your site. In this type of attack, credential stuffing can increase traffic 180 times, and after that, you must be online to protect against brute force attacks. Therefore, it can be done by limiting the number of times an IP address is entered, in which case robots will not affect your system.
- Do not save passwords as raw text:
It is better to use IAM, which can protect against leaked passwords. You will be notified if the user's data and accounts are compromised when the platform detects and detects that the entered password has been leaked. These types of users are locked until they can change their password again. So, attackers will not use the revealed passwords to log in to your accounts.Click to audit your website SEO