Broken Authentication involves all kinds of flaws that are caused by errors in implementation of authentication and/or session management. Due to the wide range of different vulnerabilities, it is difficult to define its general properties. The category includes everything from login lacking timeout, meaning that users who forget to logout on a public computer can get hijacked, to more technical vulnerabilities such as session fixation.
Activity Details
Type
Game
Level
Easy
Team
Red
Time
180 mins
Provider Information
Provider