- Listen to our monthly AppSec Stats Flash podcast
- LEARN MORE
A login page is a web page or an entry page to a website that requires user identification and authentication, regularly performed by entering a username and password combination. Logins may provide access to an entire site or part of a website. Logging in not only provides site access for the user, but also allows the website to track user actions and behavior. Logging off a webpage or site may be manual by the user or they can occur automatically when certain conditions (such as closing the page, turning off the computer, a long time delay, etc.) occur.
User authenticationcan come with mistakes, these can includestoring passwords incorrectly, having a vulnerable password reset functionality, exposing the users session to a CSRF attack or having the session hijacked. However, there are things that can be done to prevent such mistakes, these include: