Cesspit - Authentication - 7

A cesspit with an open iron gate.

You jump into the cesspit holding your nose as you swim towards the gate. As you reach the gate you try every possible combination, using 3 digits, until the lock says click. The gate opens and you enter into the lower part of the castle dungeon.

Note:

Attackers should be prevented from obtaining valid account credentials by using the application in an unintended manner. This includes credential cracking (identifying valid login credentials by trying different values for usernames and/or passwords) and credential stuffing (mass login attempts used to verify the validity of stolen username/password pairs).

You may mistakenly assume that you don't need strong authentication because the functionality is hidden, inaccessible or, in this case, protected by a stinking cesspit, but a good hacker always finds his way around these types of barriers.

Provided by Johan Sydseter

OWASP® Dungeons & Daemons

OWASP Dungeons & Daemons was originally created by Johan Sydseter. It is open source and can be downloaded free of charge from the OWASP website. It is free to use. It is licensed under the Creative Commons Attribution-ShareAlike 4.0 International license, so you can copy, distribute and transmit the work, and you can adapt it and use it commercially, all provided that you attribute the work and that, if you alter, transform, or build upon this work, you distribute the resulting work only under the same or a similar license to this one. OWASP does not endorse or recommend commercial products or services. OWASP Dungeons & Daemons is licensed under the Creative Commons Attribution-ShareAlike 4.0 International license and is © 2024 OWASP Foundation.