LRQA Nettitude Blog

How JWT Hijacking Can Be Prevented | LRQA Nettitude

Posted by Nettitude on Apr 16, 2021 4:03:19 PM

By Vanessa Santos | Security Consultant at LRQA Nettitude

Json Web Tokens (JWTs) are commonly used in many applications to validate the client’s identity. The JWT token is provided during authentication in case of success and this is then used in all authenticated interactions to the application.

The validation of user’s identity is based on the user’s information stored in the JWT token which is signed by the server using JSON Web Signatures. The information exchanged within the JWT can also be encrypted using JSON Web Encryption however this is not widely used.

Although the JWT token can be used in web applications there is a number of caveats that come with the choice of implementing JWT authentication tokens that can result in them being hijacked.

In this article we will be discussing these security implementation issues and will uncover ways of preventing an attacker from hijacking JWT tokens.

Read More

Topics: Cyber Security, Nettitude, Security Blog, JSON Web Token

Subscribe Here!

About Nettitude

Nettitude is the trusted cybersecurity provider to thousands of businesses around the world. We stop at nothing to keep your data and business secure in an age of ever-evolving cyber threats.

Recent Posts

Posts by Tag

See all