Weak Password Recovery Mechanism for Forgotten Password (CWE-640)

Weak Password Recovery Mechanism for Forgotten Password

The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

Weak password recovery mechanisms can be exploited to take over user accounts. Common issues include predictable reset tokens, security questions with easily guessable answers, or lack of verification.

Verbreitung

Hoch

Häufig ausgenutzt

Auswirkung

Hoch

3 Regeln mit hohem Schweregrad

Prävention

Dokumentiert

3 Fix-Beispiele

2 Prävention

So behebst du diese Schwachstelle

Präventionsstrategien für Weak Password Recovery basierend auf 3 Shoulder-Erkennungsregeln.

🐹 Go Alle anzeigen Go Details →

Weak Password Reset Token HIGH

Use crypto/rand with 32+ bytes of entropy for password reset tokens

+11 -2 go

- func generateResetToken() string {
-     return fmt.Sprintf("%d", time.Now().Unix())
+ import (
+     "crypto/rand"
+     "encoding/hex"
+ )
+ 
+ func generateResetToken() (string, error) {
+     b := make([]byte, 32)
+     if _, err := rand.Read(b); err != nil {
+         return "", err
+     }
+     return hex.EncodeToString(b), nil
  }

🟨 JavaScript Alle anzeigen JavaScript Details →

Weak Password Reset Token HIGH

Use crypto.randomBytes() instead of Math.random() for security tokens

+2 -1 javascript

- user.resetToken = Math.random().toString(36);
+ const crypto = require('crypto');
+ user.resetToken = crypto.randomBytes(32).toString('hex');
  await user.save();

🐍 Python Alle anzeigen Python Details →

Weak Password Reset Token HIGH

Use the secrets module for cryptographically secure token generation

+4 -6 python

- import random
- 
- def create_reset_token():
-     chars = 'abcdef0123456789'
-     reset_token = ''.join(random.choice(chars) for _ in range(32))
-     return reset_token
+ import secrets
+ 
+ def create_reset_token():
+     return secrets.token_urlsafe(32)

3 Erkennung

Finden Sie Schwachstellen in Ihrem Code

Verwenden Sie Shoulder, um Ihren Code nach Weak Password Recovery Mechanism for Forgotten Password-Mustern zu scannen. 3 Regeln.

Terminal

# Scan with Shoulder CLI
npx @shoulderdev/cli trust --cwe=640

# Or scan entire project
npx @shoulderdev/cli trust .

Erkennungsregeln (3)

🐹 Go 1 rules

Weak Password Reset Token HIGH

Password reset token uses predictable values like timestamps or math/rand.

🟨 Javascript 1 rules

Weak Password Reset Token HIGH

Detects predictable random number generation (Math.random) used for password reset tokens.

🔷 Typescript 1 rules

Weak Password Reset Token HIGH

Detects predictable random number generation (Math.random) used for password reset tokens.

🐍 Python 1 rules

Weak Password Reset Token HIGH

Detects password reset tokens generated using weak or predictable methods like timestamps or non-cryptographic random.

4 Warnzeichen

Worauf bei Code-Reviews zu achten ist

Diese Muster weisen auf potenzielle Weak Password Recovery Mechanism for Forgotten Password-Schwachstellen hin. Achten Sie bei Code-Reviews und Sicherheitsaudits darauf.

🟠

predictable random number generation (Math javascript-weak-password-reset-token

🟠

password reset tokens generated using weak or predictable methods like timestamps or non-cryptograph python-weak-reset-token

🔍

Scanne deine Codebasis nach Weak Password Recovery Mechanism for Forgotten Password

Shoulder CLI findet anfällige Muster in deiner gesamten Codebasis.

npx shoulder trust Alle Regeln durchsuchen