Vulnerabilities in password-based login
APPRENTICE
Brute-force attacks
APPRENTICE
Brute-forcing usernames
APPRENTICE
Brute-forcing passwords
APPRENTICE
Brute-forcing passwords - Continued
APPRENTICE
Username enumeration
APPRENTICE
Username enumeration - Continued
APPRENTICE
Lab: Username enumeration via different responses
APPRENTICE
Lab: Username enumeration via subtly different responses
PRACTITIONER
Lab: Username enumeration via response timing
PRACTITIONER
Flawed brute-force protection
APPRENTICE
Lab: Broken brute-force protection, IP block
PRACTITIONER
Account locking
APPRENTICE
Account locking - Continued
APPRENTICE
Account locking - Continued
APPRENTICE
Lab: Username enumeration via account lock
PRACTITIONER
User rate limiting
APPRENTICE
HTTP basic authentication
APPRENTICE
HTTP basic authentication - Continued
APPRENTICE