Skip to content

Basic Auth Credentials

Service Name: Basic Authentication

Service Description: Basic Authentication is a simple authentication mechanism built into the HTTP protocol. It sends a base64-encoded string of "username:password" in the HTTP header to authenticate requests to protected resources.

Service Address: Not applicable (protocol-level authentication method used across various services)

Validation Type: API Auth

IP Allow list: Does not exist at the protocol level, but may be implemented by individual services using Basic Auth

Secret Access Scope: Grants access to HTTP/HTTPS resources protected by Basic Authentication, including web applications, APIs, and services

Secret Revokement URL: Does not exist (managed by the specific service implementing Basic Auth)

Secret Example: Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ= (where "dXNlcm5hbWU6cGFzc3dvcmQ=" is base64 encoded "username:password")

Suspicious Activity Investigation Instructions:

  • Review access logs for the service using Basic Auth to identify unusual access patterns
  • Check for failed login attempts from unexpected IP addresses or locations
  • Monitor for increased frequency of requests using the credentials
  • Verify if the credentials are being used from new or unauthorized devices
  • Look for access attempts outside of normal business hours

Mitigation Instructions:

  • Change the password for the affected username immediately
  • If possible, implement multi-factor authentication for additional security
  • Consider implementing IP restrictions if the service supports it
  • Update the credentials in all legitimate applications using them
  • Review and revoke any sessions that might be using the compromised

credentials

  • Consider implementing more secure authentication methods like OAuth 2.0 or

token-based authentication

  • Implement stronger password policies including minimum length and

complexity requirements