Hey, everyone is Canada Hill Master Instructor a cyber. In this video, we're gonna talk about Web defense.
So just a quick pre assessment question here. Authentication weaknesses can be seen in the form of weak passwords. So of these passwords listed, which one is the weakest one? In your opinion,
***, if you guessed answer. D you are correct. We see that there's just letters and numbers here, and all the other ones have special characters, along with letters and numbers in those. Now, of course, some of those passwords are a little stronger than others. But the very weakest password in this list is gonna be that password. One answer D
So broken authentication, Just like the name sounds right. The Attackers going thio get some kind of access or authentication they shouldn't have. So this might be in the form of cracking your passwords, stealing session tokens, Maybe getting access to the keys that you're using
The president is actually pretty widespread because in most cases people are using, like default admin passwords, that sort of stuff and weaker encryption methodology. So that's why we kind of see it as a widespread issue and then also the design implementation. A lot of Ah lot of people or organizations out there don't fully understand
security best practices as we're going through the development process. So
things like, you know, you're secure Dev ops. So that's where we see the design flaws and weaknesses there.
So how do we check for that? Well, of course we can do things from the testing standpoint of, you know, brute forcing passwords, trying to do things that credential stuffing attacks if we noticed that were permitting the use of weak passwords. So if we have a password policy that just says like a you can, you know, basically use any password that you want,
then we know that we're likely vulnerable to this type of issue.
Also having we credential recovery. What that means is, if you've ever gone to, like, website signed up, let's say your email or something like a Gmail account or your yahoo were I guess Hotmail of people still use that. But they've got that forgot password links. If you click on that and that, you know, has some kind of verification in place for you to reset your password now an example of a week.
credential recovery would be the fact that all it does is is on the screen. You know, I clicked. I click the link that says Forgot password. And then on the screen you just automatically gives me a box to put in a new password. That's a really weak version of it, right? What it should do is ask me for some security questions or maybe sending a text to my phone with a custom security code
that I then typing on the Web site to verify. It's actually me.
Also, if we're not using multi factor authentication, that's another avenue that we can potentially have this type of all nobility session ideas being shown in the Urals on then. Also, the rotation of session ideas means, basically, were we keep rotating through at some point, an attacker could guess that we're going to be using that
session idea again because we rotate through. Let's say we just use, like, 100
session I D. S, and we rotate through those. So at some point, the attacker is gonna be able to guess what that session I D. Actually is.
So the impact here, of course you know, stealing the sensitive information, which could lead to things like, you know, so security fraud or identity theft, maybe, even in some cases, potentially like Monday money laundering. So if someone gets access to your bank account, maybe they can funnel money through that and then send it to other bank accounts. And by the time you realize what's going on,
the FBI is knocking on your door saying, What are you doing right?
Or more, more specifically, probably Treasury Department if it's related to money, money laundering,
so prevention, you know different things. You know, prevention or mitigation will say it like that because nothing's 100% right. But we can use things like to factor multi factor authentication rate, limiting secure cookies. So securing our cookies better, using strong passwords,
changing the default password. So again, I mentioned with the default admin credentials. A lot of people leave that stuff the same,
and they never change it on. If you use a website like Showdown, for example, is a great side to go to. If you're kind of interested in the pen testing stuff, go, go take a look, a showdown and you'll be able to see a lot of devices that are on there that have dif all usernames and passwords in place.
Quick post assessment question here, Johnny's the security engineer is looking to reduce the organization's risk of a broken authentication attack. So what's the following listed here is not a way of reducing the likelihood of this type of attack.
All right, so we kind of talked about this already, right? We want to use to factor a multi factor authentication. So in this example, what's not a way of reducing the likelihood of the attack is answer dese or move. Removing two factor authentication is not gonna actually help us reduce the likelihood of attack. It's actually gonna increase the likelihood that somebody can attack us.