This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Password Management: Empty Password in Configuration File"

From OWASP
Jump to: navigation, search
(Added contents from Fortify.)
 
m
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
{{Template:Vulnerability}}
+
#Redirect [[Empty String Password]]
{{Template:Fortify}}
 
 
 
==Abstract==
 
 
 
Using an empty string as a password is insecure.
 
 
 
==Description==
 
 
 
It is never appropriate to use an empty string as a password. It is too easy to guess and make the application vulnerable to brute-force password guessing attack.
 
 
 
==Examples ==
 
 
 
==Related Threats==
 
 
 
==Related Attacks==
 
 
 
==Related Vulnerabilities==
 
 
 
==Related Countermeasures==
 
 
 
==Categories==
 
 
 
[[Category:Environmental Vulnerability]]
 
[[Category:Deployment]]
 
[[Category:Password Management Vulnerability]]
 
[[Category:Authentication Vulnerability]]
 

Latest revision as of 18:33, 21 July 2006

Redirect to:

Retrieved from "https://wiki.owasp.org/index.php?title=Password_Management:_Empty_Password_in_Configuration_File&oldid=7776"