Cancel

Broken Authentication -> Weak Password

By cyberkhalid

Posted 2022-01-01 1 min read

Broken Authentication -> Weak Password

A weak password is short, common, a system default, or something that could be rapidly guessed by executing a brute force attack using a subset of all possible passwords.

Exploitation

bsw

In this case,we will try to login as admin with this credential admin:admin.

bsw

Let’s click on login and see if we can login as admin.

bsw

Great!, We were able to guess admin credential.

Mitigations

Enforce Passwords Policy.

References

https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html

WebApp And Api Pentesting, Broken Authentication -> Weak Password

This post is licensed under CC BY 4.0 by the author.

Recently Updated