Hardentechnique
D3-TBAToken-based Authentication
Token-based Authentication
Definition
Token-based authentication is an authentication protocol where users verify their identity in exchange for a unique access token. Users can then access the website, application, or resource for the life of the token without having to re-enter their credentials.
Defends against24
| Type | Target | Confidence | Tier |
|---|---|---|---|
| SubTechnique | Local Accountt1087.001 | 100% | live |
| SubTechnique | Additional Cloud Rolest1098.003 | 100% | live |
| SubTechnique | Local Accountst1078.003 | 100% | live |
| SubTechnique | Local Accountt1136.001 | 100% | live |
| SubTechnique | Cloud Accountt1136.003 | 100% | live |
| SubTechnique | Cloud Accountt1087.004 | 100% | live |
| SubTechnique | Create Process with Tokent1134.002 | 100% | live |
| SubTechnique | Additional Email Delegate Permissionst1098.002 | 100% | live |
| SubTechnique | Default Accountst1078.001 | 100% | live |
| SubTechnique | Temporary Elevated Cloud Accesst1548.005 | 100% | live |
| Technique | Account Manipulationt1098 | 100% | live |
| SubTechnique | Domain Accountt1136.002 | 100% | live |
| Technique | Create Accountt1136 | 100% | live |
| SubTechnique | Token Impersonation/Theftt1134.001 | 100% | live |
| SubTechnique | Domain Accountt1087.002 | 100% | live |
| Technique | Account Access Removalt1531 | 100% | live |
| SubTechnique | Domain Accountst1078.002 | 100% | live |
| SubTechnique | Application Access Tokent1550.001 | 100% | live |
| SubTechnique | Make and Impersonate Tokent1134.003 | 100% | live |
| Technique | Valid Accountst1078 | 100% | live |
| SubTechnique | Cloud Accountst1078.004 | 100% | live |
| Technique | Steal Application Access Tokent1528 | 100% | live |
| Technique | Steal or Forge Kerberos Ticketst1558 | 100% | live |
| SubTechnique | Golden Tickett1558.001 | 100% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.