Identification and Authentication Failures
GPTKB entity
Statements (27)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
Web security vulnerability
|
| gptkbp:category |
Authentication vulnerabilities
Session management vulnerabilities |
| gptkbp:cause |
Privilege escalation
Data breach Account compromise |
| gptkbp:describedBy |
OWASP documentation
|
| gptkbp:formerName |
Broken Authentication
|
| https://www.w3.org/2000/01/rdf-schema#label |
Identification and Authentication Failures
|
| gptkbp:includes |
gptkb:Session_fixation
Brute force attacks Credential stuffing Improper credential storage Missing multi-factor authentication Weak password policies |
| gptkbp:listedOn |
gptkb:OWASP_Top_10
|
| gptkbp:mitigatedBy |
Multi-factor authentication
Account lockout mechanisms Credential encryption Secure session management Strong password policies |
| gptkbp:OWASPTop10Year |
2021
|
| gptkbp:relatedTo |
gptkb:Broken_Access_Control
Access control |
| gptkbp:riskFactor |
High
|
| gptkbp:bfsParent |
gptkb:OWASP_Top_Ten
|
| gptkbp:bfsLayer |
5
|