A login form in a web application takes username and password through two text boxes. When a user submits a valid username followed by a single quote and two double hyphens in the username textbox the user is able to login without providing a valid password. What security controls can prevent this vulnerability? (Choose two best options for this scenario)

PreparedStatement

Input Validation

Multi Factor Authentication

Not allowing special characters in password

Question

A login form in a web application takes username and password through two text boxes. When a user submits a valid username followed by a single quote and two double hyphens in the username textbox the user is able to login without providing a valid password. What security controls can prevent this vulnerability? (Choose two best options for this scenario)

PreparedStatement

Input Validation

Multi Factor Authentication

Not allowing special characters in password

anonymous · Accepted Answer

Correct Solution - ab