...
Insufficiently Protected Credentials [XYM] | |
CWE ID 256, Plaintext storage of a password |
Bibliography
[API 2011] | Class MessageDigest Class String |
[Hirondelle 2013] | Passwords Never Clear in Text |
[OWASP 2012] | "Why Add Salt?" |
[Paar 2009] | Chapter 11, "Hash Functions" |
...