Storing Passwords in a Recoverable Format
Weakness ID: 257 (Weakness Base) | Status: Incomplete
Description Summary
The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. If a system administrator can recover a password directly, or use a brute force search on the available information, the administrator can use the password on other accounts.
Scope | Effect |
---|---|
Confidentiality | User's passwords may be revealed. |
Authentication | Revealed passwords may be reused elsewhere to impersonate the users in question. |
Example 1
(Bad Code)
Example Languages: C and C++
```c
#include <stdio.h>
#include <string.h>

/* compress() is a reversible transform: the stored value can be inverted to
 * recover the original password, which is exactly the weakness shown here. */
extern char *compress(const char *plaintext);
/* The reference password, stored in recoverable (compressed) form. */
extern char *compressed_password;

int VerifyAdmin(char *password) {
    if (strcmp(compress(password), compressed_password)) {
        printf("Incorrect Password!\n");
        return(0);
    }
    printf("Entering Diagnostic Mode...\n");
    return(1);
}
```
(Bad Code)
Example Language: Java
```java
// compress() is a reversible transform and compressed_password is the stored,
// recoverable form of the reference password: the same weakness as the C example.
int VerifyAdmin(String password) {
    if (!compress(password).equals(compressed_password)) {
        return(0);
    }
    //Diagnostic Mode
    return(1);
}
```
Phase | Description |
---|---|
Architecture and Design | Use strong, non-reversible encryption to protect stored passwords. |

The use of recoverable passwords significantly increases the chance that passwords will be used maliciously. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plain-text passwords since they are subject not only to reuse by malicious attackers but also by malicious insiders.
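The following is an added illustration, not part of the CWE entry, of the difference between the recoverable storage in the examples above and the non-reversible storage the mitigation calls for. It stands in `zlib` for the page's `compress()` to show that a reversible transform lets any reader of the store recover the plaintext, and it uses salted PBKDF2-HMAC-SHA256 (via the standard library's `hashlib.pbkdf2_hmac`) as the hardened form. The record layout, iteration count and function names are this example's own choices, not something the CWE entry specifies.

```python
import hashlib
import hmac
import os
import zlib
from typing import Optional

# ---- Recoverable storage: the pattern CWE-257 describes ----
# zlib stands in for the page's compress(): it is reversible, so the stored
# value is just the password in a different encoding.

def store_recoverable(password: str) -> bytes:
    """Store the password as a compressed blob (recoverable: weak)."""
    return zlib.compress(password.encode("utf-8"))


def verify_recoverable(password: str, stored: bytes) -> bool:
    """Equivalent of the page's strcmp(compress(password), compressed_password)."""
    return zlib.compress(password.encode("utf-8")) == stored


def recover(stored: bytes) -> str:
    """Anyone who can read the store (an admin, a backup, a database dump)
    gets the plaintext back without guessing, which is the risk the entry
    describes."""
    return zlib.decompress(stored).decode("utf-8")


# ---- Non-reversible storage: the mitigation ----
# Salted, iterated PBKDF2-HMAC-SHA256. The iteration count is a work factor
# chosen for this example; raise it as hardware allows.
DEFAULT_ITERATIONS = 600_000


def store_hashed(password: str, salt: Optional[bytes] = None,
                 iterations: int = DEFAULT_ITERATIONS) -> str:
    """Return a self-describing record: algorithm$iterations$salt$digest.
    The salt is random per password, so equal passwords yield different
    records and precomputed tables do not help."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_hashed(password: str, record: str) -> bool:
    """Re-derive the digest with the stored salt and iteration count and
    compare in constant time. There is no inverse: the record supports
    verification only, never recovery."""
    algo, iters, salt_hex, digest_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError(f"unsupported record type: {algo}")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


if __name__ == "__main__":
    # Constructed sample input for the demonstration.
    secret = "correct horse battery staple"

    blob = store_recoverable(secret)
    print("recoverable store verifies:", verify_recoverable(secret, blob))
    print("recoverable store leaks   :", recover(blob) == secret)

    record = store_hashed(secret)
    print("hashed store verifies     :", verify_hashed(secret, record))
    print("hashed store rejects wrong:", not verify_hashed("wrong", record))
    print("same password, new salt   :", store_hashed(secret) != record)
```

Verification succeeds in both designs, so the difference is invisible at login time; it only shows up when the store itself is exposed, which is why the entry treats recoverable storage as equivalent to plain text.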
Ordinality | Description |
---|---|
Primary | (where the weakness exists independent of other weaknesses) |
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Weakness Base | 522 | Insufficiently Protected Credentials | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
PeerOf | Weakness Base | 259 | Use of Hard-coded Password | Research Concepts 1000 |
PeerOf | Weakness Base | 798 | Use of Hard-coded Credentials | Research Concepts 1000 |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
CLASP | | | Storing passwords in a recoverable format |
CAPEC-ID | Attack Pattern Name | (CAPEC Version: 1.4) |
---|---|---|
49 | Password Brute Forcing | |
The meaning of this node needs to be investigated more closely, especially with respect to what is meant by "recoverable."
Submissions

Submission Date | Submitter | Organization | Source |
---|---|---|---|
| CLASP | | Externally Mined |

Modifications

Modification Date | Modifier | Organization | Source | Description |
---|---|---|---|---|
2008-09-08 | CWE Content Team | MITRE | Internal | updated Common Consequences, Relationships, Other Notes, Taxonomy Mappings, Weakness Ordinalities |
2008-10-14 | CWE Content Team | MITRE | Internal | updated Demonstrative Examples, Description, Maintenance Notes, Potential Mitigations |