Description
The test case shows a weak encryption practice. Here the password is stored in the cookie as SHA-1 of the password. Even if SHA-1 is stronger than MD5, it is a weak algorithm. We use the cookie to communicate with the black box tool; it is a bad practice to store the password in the cookie.
Flaws
Test Suites
Have any comments on this test case? Please, send us an email.