SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 105

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version 106

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

MSC04-J

medium

likely

high

P6

L2

Related Guidelines

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ae5808a4-92d9-4a54-9924-dccbdd4d8004"><ac:plain-text-body><![CDATA[

[ISO/IEC TR 24772:2010

http://www.aitcnet.org/isai/]

"Insufficiently Protected Credentials [XYM]"

]]></ac:plain-text-body></ac:structured-macro>

MITRE CWE

CWE ID 256, "Plaintext Storage of a Password"

Bibliography

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="29fdfbe0-926f-4174-a18b-b51595ccf902"><ac:plain-text-body><![CDATA[

[[API 2006java:AA. References#API 06] ]

Class java.security.MessageDigest

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="3a214945-51a9-4d5e-9388-636b7a356109"><ac:plain-text-body><![CDATA[

[ [API 2006java:AA. References#API 06]]

Class java.lang.String]]></ac:plain-text-body></ac:structured-macro>

http://www.javapractices.com/topic/TopicAction.do?Id=216

Passwords never in clear text

http://en.wikipedia.org/wiki/Salt_(cryptography)

Salt (cryptography)

http://en.wikipedia.org/wiki/Cryptographic_hash_function

Cryptographic hash function

http://nsa.gov/

 

...