Threat Category: Authentication: User or Device to Remote Service
Threat Description: An attacker able to perform a man-in-the-middle attack could intercept a request for a genuine website and return a fake or malicious website that attempts to capture credentials.
Exploit Examples:
- Man-in-the-Middle Attack [1]
- Using spoofed Wi-Fi to attack mobile devices [2]
Possible Countermeasures:
To prevent captured authentication credentials from enabling persistent access to sensitive services, configure those services with authentication methods that use unpredictable one-time cryptographic tokens that are replay-resistant (e.g. public key authentication, FIDO Alliance protocols, pre-shared access codes). (Applies to: Mobile Device User)
To limit the usefulness of captured passwords, do not use the same password or derivations thereof to authenticate to multiple services.
To increase the difficulty of establishing a MiTM attack on a given wireless access session in which authentication credentials are exchanged, avoid authenticating to sensitive remote services over untrusted Wi-Fi networks.
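The following is an added illustration of the first countermeasure, not part of the catalogue entry: a constructed toy relying party that issues a one-time challenge and checks a response bound to the genuine origin. It uses an HMAC over a shared secret as a stand-in for a FIDO-style signature (an assumption made here for a dependency-free example); the service name, device id and "bank-login.example" spoofed origin are made up.

```python
import hmac
import hashlib
import secrets


def device_response(secret: bytes, challenge: bytes, origin: str) -> bytes:
    # The response covers the origin the device believes it is talking to,
    # so an answer produced for a spoofed site is useless at the genuine one.
    return hmac.new(secret, challenge + origin.encode(), hashlib.sha256).digest()


class RelyingParty:
    """Constructed toy service: per-device secret, one-time challenges."""

    def __init__(self, origin: str):
        self.origin = origin
        self.devices = {}      # device_id -> shared secret (constructed)
        self.pending = set()   # challenges issued but not yet consumed

    def enroll(self, device_id: str) -> bytes:
        secret = secrets.token_bytes(32)
        self.devices[device_id] = secret
        return secret

    def new_challenge(self) -> bytes:
        challenge = secrets.token_bytes(16)
        self.pending.add(challenge)
        return challenge

    def verify(self, device_id: str, challenge: bytes, response: bytes) -> bool:
        # A challenge is consumed on first use, so a replayed capture fails.
        if device_id not in self.devices or challenge not in self.pending:
            return False
        self.pending.discard(challenge)
        expected = device_response(self.devices[device_id], challenge, self.origin)
        return hmac.compare_digest(expected, response)


def demo():
    rp = RelyingParty("https://bank.example")
    secret = rp.enroll("phone-1")
    c1 = rp.new_challenge()                              # genuine login
    r1 = device_response(secret, c1, "https://bank.example")
    ok = rp.verify("phone-1", c1, r1)
    replay = rp.verify("phone-1", c1, r1)                # captured pair replayed
    c2 = rp.new_challenge()                              # relayed via spoofed site
    r2 = device_response(secret, c2, "https://bank-login.example")
    relayed = rp.verify("phone-1", c2, r2)
    return ok, replay, relayed                           # (True, False, False)
```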