Identification and Authentication Failures

GPTKB entity

Statements (27)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | Web security vulnerability |
| gptkbp:category | Authentication vulnerabilities |
| | Session management vulnerabilities |
| gptkbp:cause | Privilege escalation |
| | Data breach |
| | Account compromise |
| gptkbp:describedBy | OWASP documentation |
| gptkbp:formerName | Broken Authentication |
| https://www.w3.org/2000/01/rdf-schema#label | Identification and Authentication Failures |
| gptkbp:includes | gptkb:Session_fixation |
| | Brute force attacks |
| | Credential stuffing |
| | Improper credential storage |
| | Missing multi-factor authentication |
| | Weak password policies |
| gptkbp:listedOn | gptkb:OWASP_Top_10 |
| gptkbp:mitigatedBy | Multi-factor authentication |
| | Account lockout mechanisms |
| | Credential encryption |
| | Secure session management |
| | Strong password policies |
| gptkbp:OWASPTop10Year | 2021 |
| gptkbp:relatedTo | gptkb:Broken_Access_Control |
| | Access control |
| gptkbp:riskFactor | High |
| gptkbp:bfsParent | gptkb:OWASP_Top_Ten |
| gptkbp:bfsLayer | 5 |