Open ngkaiwen123 opened 1 year ago
Do note we ask for NAME, not username, since we are dealing with patients and not online users. Thus, it is important for us to keep track of real names. Since people can have identical names, identifying a user based on password (which is done by developers) is a more sound solution, as we do not want to exclude any patient simply because a prior patient has the same name.
Team chose [response.Rejected]
Reason for disagreement: The problem with the group's response is that identification between two patients of the same name could have been done by a separate identification feature, such as a unique number assigned to the user or simply by the last four alphanumerical characters of your identification card number.
Identification by password is a huge security risk, especially when you tell the user that the password is "already taken" during registration. This is not compliant with the claimed non-functional requirement of "complying with legal and regulatory requirements, such as DATA PROTECTION and PRIVACY LAWS".
Loopholes can be exploited to access accounts of different users, even through brute-force methods. As the group claimed that they "ask for NAME, not username", this makes it even easier for potential hackers to maliciously access user accounts, as there are no names that contain numbers or special characters.
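The two designs argued over above, side by side, as an added example that is not code from this thread or from the project: the class names, the sample patient name and the random hex ID (standing in for the "unique number assigned to the user") are all assumptions.

```python
import hashlib
import hmac
import secrets

class PasswordKeyedRegistry:
    """Design described in the team response: name plus password identifies a patient."""
    def __init__(self):
        self._accounts = set()

    def register(self, name, password):
        if (name, password) in self._accounts:
            # This reply confirms that the pair is another patient's valid login.
            return "password already taken"
        self._accounts.add((name, password))
        return "registered"

class IdKeyedRegistry:
    """Alternative from the disagreement: a unique ID tells namesakes apart."""
    ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed value)

    def __init__(self):
        self._accounts = {}  # patient_id -> (name, salt, digest)

    def _digest(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, self.ITERATIONS)

    def register(self, name, password):
        patient_id = secrets.token_hex(4)
        while patient_id in self._accounts:  # regenerate on the rare collision
            patient_id = secrets.token_hex(4)
        salt = secrets.token_bytes(16)  # per-account salt: equal passwords store differently
        self._accounts[patient_id] = (name, salt, self._digest(password, salt))
        return patient_id  # registration never reports on other patients' passwords

    def login(self, patient_id, password):
        record = self._accounts.get(patient_id)
        if record is None:
            return False
        _, salt, digest = record
        return hmac.compare_digest(digest, self._digest(password, salt))

if __name__ == "__main__":
    weak = PasswordKeyedRegistry()
    print(weak.register("Alex Tan", "Passw0rd!"))  # constructed sample data
    print(weak.register("Alex Tan", "Passw0rd!"))
    strong = IdKeyedRegistry()
    first = strong.register("Alex Tan", "Passw0rd!")
    second = strong.register("Alex Tan", "Passw0rd!")
    print(first != second, strong.login(first, "Passw0rd!"))
```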
Non-functional requirements in the DG mention complying with data protection and privacy laws.
However, the feature of identifying different users based on different PASSWORDS rather than asking for a different username during registration seems to be inaccurate with the claim made in the NFR of the DG. Below is the extract from the UG.