National Institute of Standards and Technology
Package illustrating a test case

Test case 1943

Description

The test case shows a weak encryption practice. Here there is no encryption and the password is stored in the cookie as plain text. We use the cookie to communicate with the black box tool; it is a bad practice to store the password in the cookie.

Flaws

Test Suites

Have any comments on this test case? Please, send us an email.