F081. Lack of multi-factor authentication


Critical services of the system, such as databases, shared resources containing sensitive information and web services, are not protected by a multi-factor authentication mechanism. This makes it easier for an attacker who has compromised a user’s account to access those resources.

Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.