Futaba _ Webs πΈπΈππΈπΈ
Danger! SSO and OpenAuth πΈπΈππΈπΈ
Today I want to talk about SSO and OpenAuth, two forms of authentication methods that are highly common and popular in today's security infrastructures, and discuss the major critical flaws they contain from a fundamental standpoint.
π Article π Glossary π Catalog π Home π Search Modeπ Article Glossary
πΈ Synopsis πΈ
Today I want to talk about SSO and OpenAuth, two forms of authentication methods that are highly common and popular in today's security infrastructures, and discuss the major critical flaws they contain from a fundamental standpoint.
πΈ Article Topics πΈ
I'll be discussing the following topics in order: π Premise π Accessibility vs Convenience in Cyber Security! π Where am I going with this argument? π What is SSO (Single Sign On) π What is OpenAuth You can click on any of the topics to simply check that one out if it interests you! NOTE: Articles are read from LEFT to RIGHT via 2 columns! Read the first column all the way down and then move to the next one!
πΈ Key Links πΈ
Here's a quick run down on all the main links that are in the article in case you want to check them out first. π LinkedIn Version π Patreon Version
π Danger! SSO and OpenAuth
Premise πΈπΈππΈπΈ
For the sake of the argument, I will be focusing on the initial main premise of the two, and NOT advanced versions of them which have received some security upgrades for obvious reasons. I want to focus more on talking about the overall design of the two methods and the BIG flaws in them.
This article is a part of the new Danger! Series Iβm launching, which is where I raise more Cyber Security awareness about critical flaws and vulnerabilities that exist within various system infrastructures, including any protocols and data communication methods, and the Dangers of what could happen should they be exploited to the fullest extent. I also go over various mitigation strategies that can be used to prevent them as well. If by chance there is an exploit video for me showing the full potential risk, it will be included in the advance version of this article for PAID patreon members only!
As always, any and all advanced versions of this article with a video guide if given will be for PAID patreon members only!!
Accessibility vs Convenience in Cyber Security! πΈπΈππΈπΈ
One of the biggest challenges we face when implementing new security features in an infrastructure is accessibility vs convenience, the overall means to implement a new security method while also making it convenient to use.
Accessibility allows the end user to easily understand and interpret/apply the new approach to security, allowing it to be seamlessly implemented into the security infrastructure in various ways.
This in return would require it to be more convenient in order to make it more accessible to them. Take token based MFA for example. All it is, is a simple pin code that is sent to the end user, so that they can input it into a system and authenticate on top of pre-existing knowledge factors that are set in place by default. For the sake of convenience, we have it set up so that the end user can receive the code in a variety of different ways: mobile SMS messages, email, authenticator apps, etc etc, various means spread out to allow them to use the method, which in the process, also makes it more accessible for them.
Sounds harmless right? WRONG. By making the method more convenient and accessible, we in fact increase the overall attack surface, making it more convenient and accessible for hackers to have options in order to exploit the security method that weβve introduced. Donβt believe me? Check out my βDANGER!Your Mobile Devices are VULNERABLE!β article to learn about how one of these endpoints allows attackers to easily bypass the security method if needed. This of course, like all forms of MFA, varies depending on the layers that are within it. Iβm of course ONLY talking about scenarios that involve the pin code method.
We need to be mindful that when implementing other endpoints for accessibility that can also apply the security method, we need to think several steps ahead, stuff like βis said endpoint secure enough to handle this feature?β, βwhat would happen in the event that itβs compromisedβ. We consistently get full of ourselves, thinking that the implementation of the method itself will suffice, that it is impenetrable, yet overlook the stuff like this, weaknesses that can turn it into rumble.
In terms of overall convenience, as harsh as this may sound, sometimes you need to limit how convenient it is to apply the method in order to ensure it's not easily exploitable. This can include from a wide range of stuff like either limiting how the user applies it, or, I some cases, how often the end user is required to use it, which leads into stuff like "Zero-Trust", which is a complex, yet secure form of security for any system infrastructure. I'll talk about that in another article. For now, let's stick to the main topic.
You can still make it more accessible and ensure that end users are able to use and implement it, but not TOO accessible if you see my main point?
Where am I going with this argument? πΈπΈππΈπΈ
Now, how does all of this apply to the topic up for discussion today? Well, believe it or not, SSO and OpenAuth, the main topic for today, as funny but not funny as this might sound, were MADE TO BE MORE CONVENIENT THAN IT IS SECURE. Don't believe me, well let me walk you through the overall concept of how these authentication methods function so that you see the point Iβm trying to make.
Now, just to be CLEAR, I am NOT saying that whoever made this form of authentication method had the intention of NOT making it secure. I am simply just pointing out the major weaknesses in them based on how they were originally designed.
What is SSO (Single Sign On) πΈπΈππΈπΈ
Single sign on is the overall concept of being able to use ONE set of credentials to authenticate and log into multiple sessions with the same credentials that were used to authenticate to the first. Typically itβs used in infrastructures that have multiple sub layers or services that you would need to authenticate to. A good example of this would be WGUβs school system that deploys this method in order to allow you to authenticate to even your outlook mailbox with just your one session that you sign into the main student portal.
What is OpenAuth πΈπΈππΈπΈ
This is a new form of authentication that is supposed to make sending over credentials a thing in the past, allowing you to basically send over passwordless credentials and authenticate to a system. This can also be done through mutual trusting parties such as the "Sign in with Google" option that you see on a lot of web applications that let you use your google log in session to authenticate.
This means that in theory if an attacker were to intercept a communication pipeline they would end up with nothing.
This method sounds lovely on paper, HOWEVER, there is one HUGE downfall to this⦠and why it needed some um⦠fixes cough requiring older security methods to patch it. It's one of the largest forms of a security breach waiting to happen. As a matter of fact it already has been. You can check a scenario on where OpenAuth is being used maliciously right here in order to infect and breach systems.
If you like to see the more advanced version of this article that talks about methods that can be used to mitigate, as well as any videos included, SUBSCRIBE TO MY PATREON CYBER SECURITY TIER!
If you enjoyed this post give it a thumbs up! Iβll be keeping track of whose reacting from now on as there is a βspecialβ reason for it. Just know the more you support my content the more there is in stored!
- The Hacker Who Laughs πΈπΈππΈπΈ
