Insecure Login lesson plan and solution

git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@328 4033779f-a91e-0410-96ef-6bf7bf53c507

main/project/WebContent/lesson_plans/InsecureLogin.html

@@ -0,0 +1,14 @@
+<div align="Center">
+<p><b>Lesson Plan Title:</b> Insecure Login</p>
+</div>
+<p><b>Concept / Topic To Teach:</b> </p>
+<!-- Start Instructions -->
+Sensitive data should never sent in plaintext! Often applications 
+switch to a secure connection after the authorization. An attacker
+could just sniff the login and use the gathered information to
+break into an account. A good webapplication always takes care of
+encrypting sensitive data.
+<p><b>General Goal(s):</b> </p>
+See how easy it is to sniff a password in plaintext.<br>
+Understand the advantages of encrypting the login data!
+<!-- Stop Instructions -->