Symptoms of Broken Authentication & How to Prevent it?

If you're sick, you can choose to treat the disease... or do nothing. But What if you don’t know you’re sick??

November 30, 2022

Table of Contents

When you’re sick, you can choose to:

  • Treat the ailment

  • Ignore it and hope it goes away. 

What if you don’t know you’re sick??

In this guide, I will help illustrate some common symptoms in the security world.

As I’m writing this, I think this list can be pretty long, so I’m just going to focus on one for now, feel free to comment with other symptoms of diseases you’ve see in the field!

The point though, as with everything in this publication, is to create awareness. Hopefully that awareness will lead to action and better security in your world.

Broken Authentication

Symptoms of Broken Authentication

Common symptoms of broken authentication at an organization are:

  • Users are sharing accounts

  • Passwords stored in spreadsheets, w/defaults everywhere

  • People no longer with company with access to production resources

  • Too many admins or super-users

  • People regularly logging in as root

Secondary Symptoms Of Broken Authentication

If untreated, broken authentication can cause additional harm or risk to the system, including but not limited to:

  • Loss of customer or company data

  • Lack of accountability of actions

  • Misconfiguration of resources by untrained people

Note: Secondary Symptoms may be visible or invisible to the naked eye and may take months or years to detect. Consult with your security operations person for more.

If you are experiencing 1 more of these symptoms, you can take some over the counter medicine.

If you are experiencing 4 or more symptoms, please seek professional help.

Prevention or Remedies To Broken Authentication

red apple on brown surface

Broken Authentication is a preventable disease. There are multiple remedies available today that range from process improvement, training, and 3rd party solutions. Consult with your leadership team on what’s best for you.

  • Create roles at your organization based on the least privilege model

  • Create user accounts for all individuals

  • Create service accounts

  • Get a password manager

  • Add checks and balances to your offboarding

  • Conduct access reviews

  • Get a single sign on solution

Summary

Uncovering security issues in an organization, or any problem for that matter, is the first step towards a solution. However, if you don’t know what the problem is, or the scope of it, then how can you fix it.

If you decide to not fix it, well it’s on you and that’s ok, as long as you’re making an informed decision and appropriate stakeholders know about your decision.

Thanks to the Mayo Clinic and the CDC for inspiration!

Reply

or to participate.