October 4, 2021
Authentication and authorization are not the same, and remembering that is critical to avoiding threats like ProxyToken. An attacker may use ProxyToken or a similar method to bypass authentication, but tighter controls can still mitigate damage. View the full article at https://cybersecurity.att.com/blogs/security-essentials/how-to-better-secure-user-authentication-protocols