> In this lab, a simple login form with a username and password field After entering the lab username and incorrect password and
capturing the request, we see that the application sends string type of values to authenticate users.
> We can simply add all the passwords from the given list and put them in array format.
> In this lab application has secure with 2FA but in buggy format. When the user logs in with a valid username and password, the
application will ask for 2FA code that can be accessed from the "Email Client" and after successfully entering the 2FA code,
they are redirected to the "/my-account" page.
> When we try to login with other credentials that are provided in the lab, With /login2 to /my-account, we can easily manipulate
requests.