|
|
Status: Draft Weakness ID: 549 (Weakness Variant)Description Summary The software fails to mask passwords during entry, increasing the potential for attackers to observe and capture passwords. Potential Mitigations Recommendations include requiring all password fields in your web application be masked to prevent other users from seeing this information. Other Notes Basic web application security measures include masking all passwords entered by a user when logging in to a web application. Normally, each character in a password entered by a user is instead represented with an asterisk. Relationships
Taxonomy Mappings
Time of Introduction  ImplementationContent History Submissions Anonymous Tool Vendor (under NDA). (Externally Mined) Modifications Eric Dalci. Cigital. 2008-07-01. (External) updated Time_of_Introduction CWE Content Team. MITRE. 2008-09-08. (Internal) updated Relationships, Other_Notes, Taxonomy_Mappings |
|
|
|||
