ferdinandp15 / scw_github_demo


plain text password #2

Open ferdinandp15 opened 1 year ago

ferdinandp15 commented 1 year ago

password in plain text

secure-code-warrior-for-github[bot] commented 1 year ago

Micro-Learning Topic: Password in cleartext (Detected by phrase)

Matched on "password in plain text"


Plain-text storage of passwords leaves not only access to the vulnerable system at risk in the event an attacker manages to query the passwords database (e.g. via SQL injection or an insider attack), but also endangers other accounts users may have on other systems if they reuse passwords.

It is very common for users to reuse the same password for several online services, and such an exposure could lead to a compromise of all other accounts belonging to that user configured with the same or similar passwords.
