Assignment
1. What are the different ways to capture credentials during vulnerable transmission?
2. How does password change functionality make an application vulnerable?
3. How would you suggest using forgotten password functionality? Illustrate with some real-world safe practices.
4. What do you mean by user "impersonation functionality"? How does it affect a web application authentication scenario?