Many types of attack on websites are concerned with bypassing the authentication system. Logging into a site usually requires that a user supply a username and a password.