...

Do not hard code sensitive data in programs.

See MSC41-C. Never hard code sensitive information for details.

Disable memory dumps.

Memory dumps are automatically created when your program crashes. They can contain information stored in any part of program memory. Therefore, memory dumps should be disabled before an application is shipped to users. See MEM06-C. Ensure that sensitive data is not written out to disk for details.

...

CERT Oracle Secure Coding Standard for Java: MSC03-J. Never hard code sensitive information
MSC41-C. Never hard code sensitive information
MITRE CWE: CWE-259, Use of Hard-coded Password
CWE-261, Weak Cryptography for Passwords
CWE-311, Missing encryption of sensitive data
CWE-319, Cleartext Transmission of Sensitive Information
CWE-321, Use of Hard-coded Cryptographic Key
CWE-326, Inadequate encryption strength
CWE-798, Use of hard-coded credentials

...