SIN 19: USE OF WEAK PASSWORD-BASED SYSTEMS

OVERVIEW OF THE SIN

People hate passwords, particularly when they’re asked to choose good ones, and they often do not use a different one for each of their many e-mail, online banking, instant messaging, corporate, and database accounts. Security experts hate passwords because people will use their kids’ names as passwords or, if they’re forced to use stronger passwords, write them down and stick them under the keyboard. That may not be the worst thing that can happen, though: a password under a keyboard isn’t vulnerable from the network!

Password-based authentication is a difficult problem because even though it has a lot of problems, there is a lack of currently available solutions that are ...
