|
Showing: 1-9 of 9
Articles
|
|
 |
ASP.NET Misconfiguration: Password in Configuration File
Description
The clear-text passwords are in the configuration files. Clear-text passwords in the configuration files are subject to exposure in a...
|
|
09 May, 2008
Views: 340
|
|
|
Allowing password aging
Overview
Allowing password aging to occur unchecked can result in the possibility of diminished password integrity.
Consequences
...
|
|
09 May, 2008
Views: 344
|
|
|
Empty String Password
Abstract
Using an empty string as a password is insecure.
Description
It is never appropriate to use an empty string as a password. It is too...
|
|
09 May, 2008
Views: 329
|
|
|
Not allowing password aging
Overview
If no mechanism is in place for managing password aging, users will have no incentive to update passwords in a timely...
|
|
09 May, 2008
Views: 296
|
|
|
Password Management: Hardcoded Password
Abstract
Hardcoded passwords may compromise system security in a way that cannot be easily remedied.
Description
It is never a good idea to...
|
|
09 May, 2008
Views: 313
|
|
|
Password Management: Weak Cryptography
Abstract
Obscuring a password with a trivial encoding does not protect the password.
Description
Password management issues occur when a...
|
|
09 May, 2008
Views: 325
|
|
|
Password Plaintext Storage
Abstract
Storing a password in plaintext may result in a system compromise.
Description
Password management issues occur when a password is...
|
|
09 May, 2008
Views: 541
|
|
|
Password Plaintext Storage
Abstract
Storing a password in plaintext may result in a system compromise.
Description
Password management issues occur when a password is...
|
|
09 May, 2008
Views: 1979
|
|
|
Using password systems
Overview
The use of password systems as the primary means of authentication may be subject to several flaws or shortcomings, each reducing the...
|
|
09 May, 2008
Views: 846
|
|
