logo

Weak Authentication Method

  • Risk:
  • Medium

  • Type:
  • Passive
Summary

HTTP basic or digest authentication has been used over an unsecured connection. The credentials can be read and then reused by someone with access to the network.

Solution

Protect the connection using HTTPS or use a stronger authentication mechanism

References

https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html

Free security scan for your website