Password attacks

Password attacks involve exploiting a broken authorization vulnerability in the system combined with automated password attack tools that speed up the guessing and cracking of passwords. The attacker uses various techniques to access and expose the credentials of a legitimate user, assuming their identity and privileges. The username-password combination is one of the oldest known account authentication techniques, so adversaries have had time to craft multiple methods of obtaining guessable passwords. Additionally, applications that use passwords as the sole authentication factor are vulnerable to password attacks since the vulnerabilities are well understood. Password attacks have far-reaching consequences since malicious users only require unauthorized access to a single privileged account or a few users' accounts to compromise the web application. Depending on the data hosted by the application, compromised passwords can pave the way for exposure of sensitive information, distr...