SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 93

changes.mady.by.user Tracey Tamules

Saved on

compared with

New Version 94

changes.mady.by.user Todd Nowacki

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

MSC04-J

medium

likely

high

P6

L2

Related Guidelines

MITRE CWE

CWE-256 "Plaintext Storage of a Password"

Bibliography

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="3352cd5843c7a4c4-ada69c0a-46b7415b-ad8baddb-985b092ad92a31030415ca57"><ac:plain-text-body><![CDATA[

[SD:[API 2006

AA. Bibliography#API 06]]

Class java.security.MessageDigest

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="6f06a0dd3031b0cf-20d9a560-4fd347b3-bab3857f-34001dfe64cfe352c0b645c4"><ac:plain-text-body><![CDATA[

[SD:[API 2006

AA. Bibliography#API 06]]

Class java.lang.String

]]></ac:plain-text-body></ac:structured-macro>

http://www.javapractices.com/topic/TopicAction.do?Id=216

Passwords never in clear text

http://en.wikipedia.org/wiki/Salt_(cryptography) 

Salt (cryptography)

http://en.wikipedia.org/wiki/Cryptographic_hash_function 

Cryptographic hash function

http://nsa.gov/

 

...