Generic Auth B64
Service Name: Generic Authentication Base64
Service Description: Generic Base64 encoded authentication credentials, typically used in HTTP Basic Authentication. This format encodes username and password pairs in Base64 for transmission in HTTP headers.
Service Address: N/A - This is a generic authentication format used across many services
Generic Basic Auth Base64
GENERIC_BASIC_AUTH_BASE64
-
Validation Type: API Auth
-
IP Allow list: Does not exist
-
Secret Access Scope: Grants access to services that accept Basic Authentication with the encoded credentials.
-
Secret Revokement URL: Does not exist
-
Secret Example:
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ= -
Suspicious Activity Investigation Instructions:
-
Check access logs of the service where the credentials were used
-
Look for unusual login patterns or access from unexpected IP addresses
-
Review any actions performed using these credentials
-
Check for unauthorized data access or modifications
-
-
Mitigation Instructions:
-
Change the password for the account immediately
-
Enable multi-factor authentication if available
-
Rotate any associated API keys or tokens
-
Review and limit the permissions assigned to the account
-
Consider implementing IP restrictions for access if supported by the service
-