

3.6 Broken Authentication and Session Management

In this lesson I’ll show you how to use HTTP headers sent by the browser, along with tokens, secure cookies, and HttpOnly cookies, to prevent broken authentication attacks. Then I’ll demonstrate an attack by showing how a hacker can impersonate a user after gaining access to that user’s cookie information.
