Comment: Corrected a reference and tidied up the Applicability section

...

In both the setPassword() and checkPassword() methods, the cleartext representation of the password is erased immediately after it is converted into a hash value. Consequently, an attacker cannot recover the cleartext password after the erasure.
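As an added illustration of the erase-after-hashing pattern described above (example code written for this page, not the guideline's own compliant solution), the following class keeps only a salt and a PBKDF2 hash; the choice of PBKDF2, the iteration count and the class and method names are assumptions, since the guideline text does not fix them. Every cleartext copy, including the one PBEKeySpec makes internally, is wiped in a finally block so the erasure also happens when key derivation fails.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public final class PasswordStore {
    private static final int ITERATIONS = 100_000; // assumed work factor
    private static final int KEY_BITS = 256;
    private static final SecureRandom RNG = new SecureRandom();

    private byte[] salt;
    private byte[] hash;

    // Stores only salt + PBKDF2 hash; the caller's cleartext buffer is wiped
    // even if key derivation throws.
    public void setPassword(char[] password) throws GeneralSecurityException {
        try {
            salt = new byte[16];
            RNG.nextBytes(salt);
            hash = derive(password, salt);
        } finally {
            Arrays.fill(password, '\0');
        }
    }

    // Re-derives the hash from the candidate and compares in constant time;
    // both the candidate cleartext and its hash are erased before returning.
    public boolean checkPassword(char[] password) throws GeneralSecurityException {
        byte[] candidate = null;
        try {
            candidate = derive(password, salt);
            return MessageDigest.isEqual(candidate, hash);
        } finally {
            Arrays.fill(password, '\0');
            if (candidate != null) Arrays.fill(candidate, (byte) 0);
        }
    }

    private static byte[] derive(char[] password, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, KEY_BITS);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword(); // PBEKeySpec keeps its own copy of the cleartext
        }
    }
}
```

Callers should obtain the password directly as a char[] (for example from Console.readPassword()) rather than from a String, because an immutable String cannot be erased and would defeat the wiping shown here.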

Exceptions

MSC04-EX0: Applications such as password managers may need to retrieve the original password in order to enter it into a third-party application. This is permitted, even though it violates the guideline. The password manager is accessed by a single user and always has the user's permission to store his passwords and to display those passwords on command. As a result, provided the user is competent, the program's operation will be safe.

Risk Assessment

Passwords stored without a secure hash are exposed to malicious users. Violations of this guideline generally have a clear exploit associated with them.

...

Guideline   Severity   Likelihood   Remediation Cost   Priority   Level
MSC66-JG    medium     likely       high               P6         ...

Related Guidelines

ISO/IEC TR 24772:2010   "Insufficiently Protected Credentials [XYM]"
MITRE CWE               CWE ID 256, "Plaintext Storage of a Password"

...