Hacks – Cracking web-page authentication


Authentication pages are the first roadblock on a hacker’s route to getting access to your resources. Gone are the days of simply using a username and password to authenticate users; token-based authentication is now common. Token-based authentication is a protocol used to ensure that the user signing into your page really is who they say they are. A token works like a secure key: once verified, it can be used for a certain period of time to access specified resources. But like everything in cyber security, it can still be cracked.

Attackers can use techniques such as man-in-the-middle attacks and network sniffing, in which they position themselves between the user and your servers, impersonating each party and relaying messages between them. This allows an attacker to read and decode all traffic sent between the user and the server. Additionally, attackers can deploy keylogger malware to retrieve a user’s password and use it to obtain a verified token for themselves. Through these techniques they are able to retrieve a user’s authentication token and hence impersonate the user signing in. Once the token is retrieved, the attacker can use it to gain full access to the user’s account for the period the token is valid.

How can I ensure I am not susceptible to this attack?

Simple techniques will make it much more difficult for an attacker to hijack your token: endpoint security to detect malware, multi-factor authentication, ensuring a token can only be used for one session at a time, and hashing the authentication token with a ‘secret key’.
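As an added illustration (not code from the original post), the sketch below combines two of these measures: the token carries a keyed hash (HMAC-SHA256) computed with a server-side secret key, and each user has only one valid session at a time. The function names, the `|` token layout and the 15-minute lifetime are assumptions made for this example.

```python
import hashlib
import hmac
import secrets
import time

SECRET_KEY = secrets.token_bytes(32)  # stays on the server (generated here for the example)
TOKEN_TTL = 900                       # token lifetime in seconds (assumed value)
active_session = {}                   # user -> the one session id currently accepted

def _sign(payload):
    """Keyed hash of the payload; cannot be recomputed without SECRET_KEY."""
    return hmac.new(SECRET_KEY, payload.encode(), hashlib.sha256).hexdigest()

def issue_token(user, now=None):
    """Open a new session for `user`; any earlier session stops being valid."""
    if "|" in user:
        raise ValueError("user name must not contain the field separator")
    now = int(time.time() if now is None else now)
    session_id = secrets.token_hex(16)
    active_session[user] = session_id
    payload = f"{user}|{session_id}|{now + TOKEN_TTL}"
    return f"{payload}|{_sign(payload)}"

def verify_token(token, now=None):
    """Return the user name for a genuine, unexpired, current token, else None."""
    now = int(time.time() if now is None else now)
    payload, _, tag = token.rpartition("|")
    # Check the keyed hash first, in constant time, before trusting any field.
    if not hmac.compare_digest(_sign(payload).encode(), tag.encode()):
        return None
    user, session_id, expires = payload.split("|")
    if now >= int(expires):
        return None                   # past its validity period
    if active_session.get(user) != session_id:
        return None                   # replaced by a newer login
    return user
```

A token whose fields are altered fails the keyed-hash check, and a token from an earlier login is rejected as soon as the user signs in again.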

Brace168’s B Secure and B Aware product suite provides you with managed endpoint security as well as a range of certified testing services to ensure your infrastructure authentication is highly secured.
