Authentication Vulnerabilities

Introduction to Authentication

Authentication is the process of verifying the identity of a user, device, system or any other entity that wants to use a resource on the network. In other words, before access to anything is granted, the requester must present something that proves who they are.

Authentication relies on three kinds of factors:

  • Something you know: the user or entity presents a secret that only they should know, such as a password, a PIN or the answer to a security question.

  • Something you have: the user presents a physical object that only they should possess, e.g. an identity card, a hardware security token, or a mobile phone that receives or generates a one-time code.

  • Something you are: the user proves their identity with a biometric, such as a fingerprint, a retina or iris scan, or face geometry.

Introduction to Authorization

Once a user or entity has been authenticated, the next step is authorization. In authorization we determine that entity's permissions, rights and overall access within the system. Getting authorization right is important for ensuring the security and integrity of sensitive data and resources.

There are several approaches for Authorization:

  • Role Based Access Control (RBAC)

  • Attribute Based Access Control (ABAC)

  • Mandatory Access Control (MAC)

These are the approaches we can use for authorization. We cannot go into detail here, but I recommend further reading on them.

How do Authentication Vulnerabilities arise

Authentication issues arise in many ways: logic flaws, failure to limit the number of login attempts, software bugs and human error.

In the context of web applications, authentication flaws are mostly due to logic flaws and to a failure to adequately protect against brute-force attacks, that is, not limiting how many login attempts a client can make in a given period of time.

Types of Authentication Vulnerabilities and Attacks

  • Brute-force attacks: trying many passwords (or usernames) against the login form until one works

  • Man-in-the-Middle (MitM) attacks: intercepting credentials or session tokens in transit

  • Phishing: tricking the user into entering their credentials on an attacker-controlled page

  • Password guessing and credential stuffing: guessing common passwords, or replaying username/password pairs leaked in earlier breaches

Impact of Authentication Vulnerabilities

The impact of authentication vulnerabilities can be very severe. Once an attacker has either bypassed authentication or has brute-forced their way into another user's account, they have access to all the data and functionality that the compromised account has. If they are able to compromise a high-privileged account, such as a system administrator, they could take full control over the entire application and potentially gain access to internal infrastructure.

Even compromising a low-privileged account might still grant an attacker access to data that they otherwise shouldn't have, such as commercially sensitive business information. Even if the account does not have access to any sensitive data, it might still allow the attacker to access additional pages, which provides a further attack surface. Often, certain high-severity attacks will not be possible from publicly accessible pages, but they may be possible from an internal page.

Best Practice of Prevention

  • Use strong, unique passwords and change them promptly when a breach or compromise is suspected

  • Use multi-factor authentication (MFA)

  • Prevent username enumeration: return the same error message, and take the same time to respond, whether or not the username exists

  • Prevent brute-force attacks: limit login attempts per account and per source address, and slow down or lock out after repeated failures

These are common practices that should be implemented properly. There are others as well, which I recommend you research and implement on your own.
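To make the brute-force and username-enumeration points from the sections above concrete, here is an added Python example (not code from the original article): a deliberately weak login function beside a hardened one. The user store, the account "alice" and its password, the IP addresses and the limits are constructed for the example.

```python
import hashlib
import hmac
import os
import time
from collections import defaultdict
from typing import Callable, Dict, List, Optional, Tuple

# Lowered so the example runs quickly; OWASP currently recommends 600,000
# iterations for PBKDF2-HMAC-SHA256 in production.
ITERATIONS = 100_000


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Salted PBKDF2-HMAC-SHA256; returns (salt, digest)."""
    salt = salt if salt is not None else os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, expected)


# Constructed user store for the example (one fictional account).
USERS: Dict[str, Tuple[bytes, bytes]] = {
    "alice": hash_password("correct horse battery staple"),
}

# Decoy credential: verifying against it costs the same as a real account,
# so an unknown username cannot be spotted from the response time.
_DECOY = hash_password(os.urandom(16).hex())


def login_vulnerable(username: str, password: str) -> str:
    """Deliberately weak: distinct messages reveal which usernames exist,
    the unknown-user path returns early (timing leak), and nothing limits
    how many attempts a client can make."""
    if username not in USERS:
        return "Invalid username"
    salt, expected = USERS[username]
    if not verify_password(password, salt, expected):
        return "Invalid password"
    return "OK"


class LoginGuard:
    """Hardened login: one generic error, constant work for unknown users,
    and throttling per account and per source address."""

    GENERIC_ERROR = "Invalid username or password"
    THROTTLED = "Too many attempts, try again later"

    def __init__(self, max_attempts: int = 5, window_seconds: int = 300,
                 clock: Callable[[], float] = time.time):
        self.max_attempts = max_attempts
        self.window = window_seconds
        self.clock = clock  # injectable so tests can fix the time
        self.failures: Dict[Tuple[str, str], List[float]] = defaultdict(list)

    def _recent_failures(self, key: Tuple[str, str], now: float) -> int:
        self.failures[key] = [t for t in self.failures[key] if now - t < self.window]
        return len(self.failures[key])

    def login(self, username: str, password: str, client_ip: str) -> str:
        now = self.clock()
        user_key, ip_key = ("user", username), ("ip", client_ip)
        # Per-account limit stops dictionary attacks on one victim; the looser
        # per-IP limit catches password spraying across many usernames.
        if (self._recent_failures(user_key, now) >= self.max_attempts
                or self._recent_failures(ip_key, now) >= self.max_attempts * 4):
            return self.THROTTLED
        salt, expected = USERS.get(username, _DECOY)
        # hash first, then check existence: same work on both paths
        ok = verify_password(password, salt, expected) and username in USERS
        if not ok:
            # unknown usernames are counted too, so the throttling itself
            # does not reveal whether the account exists
            self.failures[user_key].append(now)
            self.failures[ip_key].append(now)
            return self.GENERIC_ERROR
        self.failures.pop(user_key, None)
        return "OK"
```

One caveat: a hard per-account lockout lets an attacker deliberately lock a victim out by sending wrong passwords, so in production prefer escalating delays or a CAPTCHA over a long lockout, and keep the per-IP limit in place because per-account limits alone do nothing against password spraying.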
