CWE-257
Overview
- CWE ID
- 257
- CWE Name
- Storing Passwords in a Recoverable Format
- CWE Abstraction
- Base
- CWE structure
- Simple
- CWE Status
- Incomplete
Description
The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plaintext passwords since they are subje