Read Time:27 Second
Description
The use of a hard-coded cryptographic key significantly increases the possibility that encrypted data may be recovered.
Modes of Introduction:
– Architecture and Design
Likelihood of Exploit: High
Related Weaknesses
Consequences
Access Control: Bypass Protection Mechanism, Gain Privileges or Assume Identity
If hard-coded cryptographic keys are used, it is almost certain that malicious users will gain access through the account in question.
Potential Mitigations
Phase: Architecture and Design
Description:
Prevention schemes mirror that of hard-coded password storage.