Authentication Process Vulnerability Identification
The work identifies vulnerabilities in authentication processes. Some specific features of authentication systems that may expose them to the threat of completing credentials or the threat of account capture are discussed.
The most current vulnerabilities of authentication systems are systematized. The selected vulnerabilities were assessed for criticality, using the Bugcrowd's Vulnerability Rating Taxonomy vulnerability rating system, with the following criticality levels: low criticality, medium criticality, high criticality, very critical vulnerability.
It is obvious that having the most vulnerability does not hurt the authentication system. There must be a threat to this, which is an opportunity to exploit it. Vulnerability without appropriate threat may not require control but must be identified and monitored for change.
2. Bugcrowd’s Vulnerability Rating Taxonomy. Retrieved from https://bugcrowd.com/vulnerability-rating-taxonomy.