Quiz Entry - updated: 2026.07.14
What are the three main types of attacks on login protocols?
Direct (online guessing), Eavesdropping (passive sniffing), Active (man-in-the-middle / replay).
| Type | Attacker capability | Defence |
|---|---|---|
| Direkter Angriff (Direct) | Just try logging in with guessed credentials | Rate-limit, account lockout, strong passwords, 2FA |
| Abhörender Angriff (Eavesdropping) | Sniff the network — see the messages but doesn't change them | Encrypt the channel (TLS), challenge-response (no reusable secret on the wire) |
| Aktiver Angriff (Active / MITM) | Intercept and modify the traffic in flight | Mutual authentication, certificate pinning, transaction signing |
Why each protocol class addresses different attacks:
- Plaintext password dies to all three.
- Password over TLS survives eavesdropping but is vulnerable to MITM if TLS is broken or the user clicks past a cert warning.
- Challenge-response survives eavesdropping (responses are single-use) but is still vulnerable to MITM that hijacks the session post-login.
- Transaction signing (next topics) is what survives a true man-in-the-middle: the user signs the content of the transaction, not just "I'm here".