Book Image

Moodle Security

Book Image

Moodle Security

Overview of this book

Table of Contents (17 chapters)
Moodle Security
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface

Common authentication attacks


Any type of security attack is directed toward potential weak spots in the system that is under attack. The most common weaknesses related to the authentication and ways of protecting from them are as follows:

Weak passwords

A password that is easily guessed and does not provide an effective defense against unauthorized access to a resource is considered weak. Such passwords are usually:

  • Short

  • Set to dictionary word or name

  • Set to be the same as username

  • Set to some predefined value

When we have a platform with weak passwords it can be attacked using brute force login technique (also known as dictionary attack).

Dictionary attack is a technique for defeating authentication mechanism by trying to determine its pass-phrase by searching likely possibilities. In practice this means that a bot (automated script) constantly tries to log on by sending various usernames and passwords from a predefined list of words (usually a dictionary list of words—hence the name dictionary...