Common authentication attacks
Any type of security attack is directed toward potential weak spots in the system that is under attack. The most common weaknesses related to the authentication and ways of protecting from them are as follows:
Weak passwords
A password that is easily guessed and does not provide an effective defense against unauthorized access to a resource is considered weak. Such passwords are usually:
Short
Set to dictionary word or name
Set to be the same as username
Set to some predefined value
When we have a platform with weak passwords it can be attacked using brute force login technique (also known as dictionary attack).
Dictionary attack is a technique for defeating authentication mechanism by trying to determine its pass-phrase by searching likely possibilities. In practice this means that a bot (automated script) constantly tries to log on by sending various usernames and passwords from a predefined list of words (usually a dictionary list of words—hence the name dictionary...
