I've been recently thinking on logins, payments and sensitive data handling even in popular web applications, and freaking out a bit to be honest, probably due to ignorance so I needed to ask here.
I'm a bit surprised about how easy it can be for someone capable of introducing proxies (via computer/network) to read credentials and sensitive data and I'm wondering if there's some (preferably well-known) approach for developers to tackle what I GUESS it's a problem.
Let's say you pick a very well-known website with traditional email-password login form option (e.g. airbnb) and:
POST /api/v2/login[...]
{[...]"authenticationParams":{"email": "email":"YOUR_EMAIL_HERE","password":"YOUR_PASS_HERE"}}}
Anyone capable of introducing a proxy in my computer/network is able to see in human-readable text, the credentials (username & password).
My question: is there any standard way of preventing this to be easily ready? Is this a normal case?
Thanks in advance and sorry for my base knowledge on the cybersec field.
So my question is, is there any standard way of preventing this to be easily ready? Is this a normal case?
Absolutely. It's called TLS, and it's why it exists. The majority of websites use HTTPS, which relies on TLS for exactly this reason.
If you're intercepting and decrypting this information over an HTTPS (or other TLS channel), then you've installed a trusted root certificate to allow MITM (machine in the middle) attacks. This intentionally defeats TLS to permit diagnostic work, but should never be done in normal situations.