Read Time:19 Second
Description
The software does not mask passwords during entry, increasing the potential for attackers to observe and capture passwords.
Modes of Introduction:
– Implementation
Related Weaknesses
Consequences
Access Control: Bypass Protection Mechanism
Potential Mitigations
Phase: Implementation, Requirements
Description:
Recommendations include requiring all password fields in your web application be masked to prevent other users from seeing this information.