OWASP WebGoat Series - Authentication Flaws

Authentication is a major part of access control. Users authenticate to prove they are who they say they are. A password, in combination with a username, is often the most common way to authenticate a user.

Having a secure and strong password is often not enough to keep your accounts secure. Combining an additional authentication factor with your password ensures your account stays well protected.

Secure Passwords

Because passwords are so commonly used to authenticate users, learning how to create strong passwords and store them securely prevents hackers from getting hold of them.

The National Institute of Standards and Technology (NIST), known for its security best practices, recently finalized its new password guidelines.


(Will go a lot deeper into this topic in a future post)

Is your account secure?

Having a weak password has consequences - hackers are getting more clever at getting the information they want. Using websites like Have I Been Pwned? or Dehashed to verify whether your accounts have been compromised is a smart way to decide which passwords you can or cannot use.