Identification and Authentication Failures
Weak authentication mechanisms lead to unauthorized access.
Common Issues:
Credential disclosure (e.g., leaked passwords).
Use of common or weak credentials.
User Enumeration: Exposing valid usernames through error messages or responses.
Authentication Before Validation: Trusting user inputs before proper validation.