Update 07-Testing_for_Weak_Authentication_Methods.md
Updated summary portion to reflect suggestion to include PINs & security questions.
alp1n3-eth authored Dec 18, 2024
1 parent 6a130b2 commit f7b9cad
Showing 1 changed file with 1 addition and 1 deletion.
Expand Up @@ -8,7 +8,7 @@

The most prevalent and most easily administered authentication mechanism is a static password. The password represents the keys to the kingdom, but is often subverted by users in the name of usability. In each of the recent high profile hacks that have revealed user credentials, it is lamented that most common passwords are still: `123456`, `password` and `qwerty`.

Additionally, applications may utilize alternative credentials that are treated the same as a password, but are considerably weaker, such as a birthdate or a social security number. In some scenarios, these more easily guessed credentials may act as the only user supplied value for authentication.
Additionally, applications may utilize alternative credentials that are treated the same as a password, but are considerably weaker, such as a birthdates, social security numbers, PINs, or security questions. In some scenarios, these more easily guessed credentials may act as the only user supplied value for authentication.

## Test Objectives

