Skip to content

Base64 Basic Authentication

Service Name: Basic Authentication (Base64 encoded)

Service Description: Basic Authentication is a simple authentication scheme built into the HTTP protocol. The client sends HTTP requests with the Authorization header that contains the word "Basic" followed by a space and a base64-encoded string of "username:password".

Service Address: Not specific to a single service; used across many web services and APIs

Validation Type: API Auth

IP Allow list: Does not exist at the protocol level, but may be implemented by specific services using this authentication method

Secret Access Scope: Grants access to protected resources on web servers or APIs that implement Basic Authentication

Secret Revokement URL: Does not exist at the protocol level (depends on the specific service implementation)

Secret Example: Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ= (where "dXNlcm5hbWU6cGFzc3dvcmQ=" is the base64 encoding of "username:password")

Suspicious Activity Investigation Instructions:

  • Review access logs for the service using this authentication to identify unusual access patterns
  • Check for failed authentication attempts which may indicate brute force attacks
  • Monitor for access from unusual IP addresses or locations
  • Look for access at unusual times or with unusual frequency
  • Verify if the credentials are being used by authorized applications only

Mitigation Instructions:

  • Change the username and/or password for the affected account immediately
  • Implement IP restrictions if supported by the service
  • Consider switching to a more secure authentication method like OAuth 2.0 or API keys
  • Enable multi-factor authentication if available
  • Implement rate limiting to prevent brute force attacks
  • Use HTTPS to encrypt the authentication credentials during transmission
  • Review and revoke access for any compromised applications or services
  • Consider implementing token-based authentication with short expiration times