Post-Authentication Attacks: What They Are And How To Protect Against Them
SC Media, Friday, August 16th, 2024
We're familiar with attacks that try to compromise your usernames and passwords. Weak passwords can be cracked. Passwords reused across sites are exposed to credential-stuffing attacks, and common passwords to password-spraying attacks, where one guess is tried against many accounts. Phishing scams try to steal usernames and passwords outright.
All of these are "pre-authentication" attacks. They try to obtain your credentials so that attackers can then log into a service as you.
But there are also ways to get into your account after you've logged in. Most of these involve stealing or abusing the session tokens that are granted to legitimate users upon a successful login. We call these "post-authentication" attacks.
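To make the distinction concrete, here is an added example (not code from the article or from SC Media) of the token abuse described above and of one common mitigation. The in-memory session store, the login function and the client fingerprint are all constructed for this illustration; a real service would use its web framework's session layer. A session is issued to a victim at login; an attacker who has stolen the token replays it from a different client. An unbound check accepts the replay, while a check that binds the session to the client's IP address and User-Agent rejects it and revokes the token.

```python
import hashlib
import hmac
import secrets
import time

# Constructed in-memory session store (assumption: stands in for a real server-side store).
SESSIONS = {}
# Per-server secret so the stored fingerprint reveals nothing about the client (assumption).
FINGERPRINT_KEY = secrets.token_bytes(32)


def client_fingerprint(ip, user_agent):
    """Keyed hash of the client attributes the session will be bound to."""
    material = f"{ip}|{user_agent}".encode()
    return hmac.new(FINGERPRINT_KEY, material, hashlib.sha256).hexdigest()


def login(username, ip, user_agent, ttl=3600):
    """Issue a random session token after a (here assumed) successful login."""
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = {
        "user": username,
        "fp": client_fingerprint(ip, user_agent),
        "expires": time.time() + ttl,
    }
    return token


def authenticate_unbound(token):
    """Naive check: any holder of a valid, unexpired token is the user."""
    session = SESSIONS.get(token)
    if session is None or session["expires"] < time.time():
        return None
    return session["user"]


def authenticate_bound(token, ip, user_agent):
    """Hardened check: the token must arrive from the client it was issued to.

    On a fingerprint mismatch the session is revoked, so a stolen token is
    burned the moment it is replayed and the victim is forced to log in again.
    """
    session = SESSIONS.get(token)
    if session is None or session["expires"] < time.time():
        return None
    expected = client_fingerprint(ip, user_agent)
    if not hmac.compare_digest(session["fp"], expected):
        SESSIONS.pop(token, None)
        return None
    return session["user"]


def replay_scenario():
    """Victim logs in; attacker replays the stolen token from another machine."""
    victim = ("203.0.113.7", "Mozilla/5.0 (victim)")      # constructed sample client
    attacker = ("198.51.100.9", "python-requests/2.31")   # constructed sample client
    token = login("alice", *victim)
    return {
        "victim_bound": authenticate_bound(token, *victim),
        "attacker_unbound": authenticate_unbound(token),
        "attacker_bound": authenticate_bound(token, *attacker),
        # After the rejected replay the token is revoked even for the victim.
        "victim_after_replay": authenticate_bound(token, *victim),
    }


if __name__ == "__main__":
    print(replay_scenario())
```

Binding to IP and User-Agent is a heuristic, not a cure: a client on a mobile network or behind a changing NAT can legitimately change IP mid-session, and an attacker whose malware captures the whole browser profile can replay the User-Agent along with the token. It raises the cost of replay and gives the server a signal to log; it does not replace short token lifetimes and server-side revocation.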