Broken Authentication (1)

What is Authentication
Broken Authentication is to bypass the auth factor: login, OTP, a function that protect anything
Attacks on Authentication
Enumerating Users
Brute-Forcing Passwords
Brute-Forcing Password Reset Tokens
Brute-Forcing 2FA Codes
Weak Brute-Force Protection
Default Credentials
Vulnerable Password Reset
Authentication Bypass via Direct Access
Authentication Bypass via Parameter Modification
Attacking Session Tokens
Further Session Attacks