Testing for Authentication in Web Applications

Gupta Bless
Oct 30, 2021

Introduction

To identify an individual within a group of people, we need some unique combination of attributes. That combination can include a first name, last name, address, or SSN. All of these are attributes that help identify a person uniquely. That is how it works for humans; to identify a user in a web application, the application uses “Authentication”. Let us discuss it in detail.

What is Authentication?

Web applications use different methods of authentication: it can be a username and password, or a username with an OTP sent to your mobile phone. If an attacker knows your username and password, or the other factors that you use for authentication, they can easily impersonate you.

“Authentication” is a process that verifies your identity on a digital medium. Attackers aim to gain access to your authentication information to perform any tasks that are not authorized by you.

A simple example of authentication bypass: some web pages or functionality are meant to be accessible only after login, but if an attacker visits such a page directly, there is a possibility that authentication is not enforced there. Authentication-related issues can exist at…
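
The direct-access bypass described above, as an added example (not code from the original article): a dispatcher that checks the session page by page and misses one page, beside a deny-by-default dispatcher, with a check that requests every non-public route without a session. The route names, handlers and session store are hypothetical and constructed for illustration.

```python
# Constructed example: all route names, handlers and the session store are hypothetical.
SESSIONS = {"tok-alice": "alice"}   # valid session token -> user
PUBLIC_PATHS = {"/login"}           # the only path meant to be reachable while logged out

def login_page(user):
    return 200, "login form"

def dashboard(user):
    return 200, f"dashboard for {user}"

def export_data(user):
    return 200, f"account export for {user}"

ROUTES = {"/login": login_page, "/dashboard": dashboard, "/account/export": export_data}

def dispatch_vulnerable(path, token=None):
    """Per-page checks: /dashboard checks the session, /account/export was forgotten."""
    user = SESSIONS.get(token)
    if path == "/dashboard" and user is None:
        return 302, "/login"
    handler = ROUTES.get(path)
    return handler(user) if handler else (404, "not found")

def dispatch_hardened(path, token=None):
    """Deny by default: every path not explicitly public requires a valid session."""
    user = SESSIONS.get(token)
    if path not in PUBLIC_PATHS and user is None:
        return 302, "/login"
    handler = ROUTES.get(path)
    return handler(user) if handler else (404, "not found")

def unauthenticated_exposures(dispatch):
    """Request each non-public route without a session; list those that serve content."""
    exposed = []
    for path in sorted(ROUTES):
        if path in PUBLIC_PATHS:
            continue
        status, _ = dispatch(path, token=None)
        if status == 200:
            exposed.append(path)
    return exposed

if __name__ == "__main__":
    print("vulnerable:", unauthenticated_exposures(dispatch_vulnerable))
    print("hardened:  ", unauthenticated_exposures(dispatch_hardened))
```

Run as a regression test, the same check fails the build whenever a newly added route serves content without a session.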
