CRITICAL
Rule Definition
Passwords stored in plaintext outside of a secure container are trivial to read if an attacker retrieves them. Leaked passwords could then be used to authenticate to other sensitive resources, perform actions and retrieve additional information.
Remediation
Always use strong, modern algorithms (encryption or hashing) to protect passwords stored in configuration files.
Alternatively, store secrets in a dedicated secrets management system (Azure Key Vault, Amazon KMS, Google KMS, HashiCorp Vault, ...) separate from the application or service consuming the secret values.
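The following is an added example, not CAST's code and not the decrypt routine the fixed sample refers to. It shows one way to apply the encryption option: config.properties holds only an AES-GCM ciphertext, and the decryption key is supplied out of band through an environment variable (the name CONFIG_KEY, the ciphertext layout and the sample password are assumptions made for this example). Secrets managers are not shown.

```java
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;
import java.util.Properties;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/**
 * Added example (not CAST's code): keeps the password out of config.properties
 * in plaintext by storing AES-GCM ciphertext there and keeping the key elsewhere.
 */
public final class EncryptedConfig {
    private static final int GCM_TAG_BITS = 128;
    private static final int GCM_IV_BYTES = 12;

    private EncryptedConfig() {}

    /** Key comes from the environment (hypothetical CONFIG_KEY), never from the config file. */
    static SecretKey loadKey() throws GeneralSecurityException {
        String b64 = System.getenv("CONFIG_KEY");
        if (b64 == null || b64.isEmpty()) {
            // Demo fallback only: an ephemeral key so the example runs stand-alone.
            KeyGenerator kg = KeyGenerator.getInstance("AES");
            kg.init(256);
            return kg.generateKey();
        }
        byte[] raw = Base64.getDecoder().decode(b64);
        if (raw.length != 32) {
            throw new GeneralSecurityException("CONFIG_KEY must be 32 bytes (AES-256), base64-encoded");
        }
        return new SecretKeySpec(raw, "AES");
    }

    /** Assumed layout: base64( 12-byte IV || AES-GCM ciphertext || 16-byte tag ). */
    static String encrypt(String plaintext, SecretKey key) throws GeneralSecurityException {
        byte[] iv = new byte[GCM_IV_BYTES];
        new SecureRandom().nextBytes(iv); // fresh IV per encryption; never reuse with the same key
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(GCM_TAG_BITS, iv));
        byte[] ct = cipher.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
        byte[] blob = new byte[iv.length + ct.length];
        System.arraycopy(iv, 0, blob, 0, iv.length);
        System.arraycopy(ct, 0, blob, iv.length, ct.length);
        return Base64.getEncoder().encodeToString(blob);
    }

    /** Decrypts a value produced by encrypt(); a tampered or wrongly keyed value fails the GCM tag check. */
    static String decrypt(String passEnc, SecretKey key) throws GeneralSecurityException {
        byte[] blob = Base64.getDecoder().decode(passEnc);
        if (blob.length < GCM_IV_BYTES + GCM_TAG_BITS / 8) {
            throw new GeneralSecurityException("ciphertext too short");
        }
        byte[] iv = Arrays.copyOfRange(blob, 0, GCM_IV_BYTES);
        byte[] ct = Arrays.copyOfRange(blob, GCM_IV_BYTES, blob.length);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(GCM_TAG_BITS, iv));
        return new String(cipher.doFinal(ct), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        SecretKey key = loadKey();
        // Constructed sample: an operator provisions the encrypted value once...
        String sample = "s3cr3t-demo-password";
        String passEnc = encrypt(sample, key);
        // ...and config.properties then carries only ciphertext (in-memory stand-in for the file).
        Properties prop = new Properties();
        prop.load(new StringReader("url=jdbc:postgresql://db.example.internal/app\npassword=" + passEnc + "\n"));
        // The consuming code reads the ciphertext and decrypts it before use.
        String password = decrypt(prop.getProperty("password"), key);
        if (!sample.equals(password)) {
            throw new AssertionError("round trip failed");
        }
        System.out.println("decrypted OK; config.properties stores: " + passEnc);
    }
}
```

The security property rests on where the key lives: if CONFIG_KEY were written into the same config.properties, the ciphertext would be no better than plaintext. In a real deployment the demo fallback in loadKey() should be removed so that a missing key is a hard failure rather than a silently different key.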
Violation Code Sample
import java.io.FileInputStream;
import java.sql.DriverManager;
import java.util.Properties;
Properties prop = new Properties();
prop.load(new FileInputStream("config.properties"));
String password = prop.getProperty("password"); // plaintext value read straight from the file
DriverManager.getConnection(url, usr, password); // VIOLATION: direct usage of the password denotes it has been stored unencrypted
Fixed Code Sample
import java.io.FileInputStream;
import java.sql.DriverManager;
import java.util.Properties;
Properties prop = new Properties();
prop.load(new FileInputStream("config.properties"));
String passEnc = prop.getProperty("password"); // ciphertext, not the password itself
String password = decrypt(passEnc); // Proof of the FIX: decrypt() is the application's decryption routine, keyed from outside config.properties
DriverManager.getConnection(url, usr, password); // FIXED
Reference
CWE-256: Plaintext Storage of a Password
http://cwe.mitre.org/data/definitions/256.html
Related Technologies
Technical Criterion
Secure Coding - Weak Security Features
About CAST Appmarq
CAST Appmarq is by far the biggest repository of data about real IT systems. It's built on thousands of analyzed applications, made of 35 different technologies, by over 300 business organizations across major verticals. It provides IT Leaders with factual key analytics to let them know if their applications are on track.