Weak Password Recovery Mechanism for Forgotten Password (CWE-640)

Weak Password Recovery Mechanism for Forgotten Password

The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

Weak password recovery mechanisms can be exploited to take over user accounts. Common issues include predictable reset tokens, security questions with easily guessable answers, or lack of verification.

Prevalência

Alta

Frequentemente explorada

Impacto

Alto

3 regras de severidade alta

Prevenção

Documentada

3 exemplos de correção

2 Prevenção

Como corrigir esta vulnerabilidade

Estratégias de prevenção para Weak Password Recovery baseadas em 3 regras de detecção do Shoulder.

🐹 Go Ver tudo Go detalhes →

Weak Password Reset Token HIGH

Use crypto/rand with 32+ bytes of entropy for password reset tokens

+11 -2 go

- func generateResetToken() string {
-     return fmt.Sprintf("%d", time.Now().Unix())
+ import (
+     "crypto/rand"
+     "encoding/hex"
+ )
+ 
+ func generateResetToken() (string, error) {
+     b := make([]byte, 32)
+     if _, err := rand.Read(b); err != nil {
+         return "", err
+     }
+     return hex.EncodeToString(b), nil
  }

🟨 JavaScript Ver tudo JavaScript detalhes →

Weak Password Reset Token HIGH

Use crypto.randomBytes() instead of Math.random() for security tokens

+2 -1 javascript

- user.resetToken = Math.random().toString(36);
+ const crypto = require('crypto');
+ user.resetToken = crypto.randomBytes(32).toString('hex');
  await user.save();

🐍 Python Ver tudo Python detalhes →

Weak Password Reset Token HIGH

Use the secrets module for cryptographically secure token generation

+4 -6 python

- import random
- 
- def create_reset_token():
-     chars = 'abcdef0123456789'
-     reset_token = ''.join(random.choice(chars) for _ in range(32))
-     return reset_token
+ import secrets
+ 
+ def create_reset_token():
+     return secrets.token_urlsafe(32)

3 Detecção

Encontre vulnerabilidades no seu código

Use o Shoulder para escanear seu código em busca de padrões Weak Password Recovery Mechanism for Forgotten Password. 3 regras.

terminal

# Scan with Shoulder CLI
npx @shoulderdev/cli trust --cwe=640

# Or scan entire project
npx @shoulderdev/cli trust .

Regras de Detecção (3)

🐹 Go 1 rules

Weak Password Reset Token HIGH

Password reset token uses predictable values like timestamps or math/rand.

🟨 Javascript 1 rules

Weak Password Reset Token HIGH

Detects predictable random number generation (Math.random) used for password reset tokens.

🔷 Typescript 1 rules

Weak Password Reset Token HIGH

Detects predictable random number generation (Math.random) used for password reset tokens.

🐍 Python 1 rules

Weak Password Reset Token HIGH

Detects password reset tokens generated using weak or predictable methods like timestamps or non-cryptographic random.

4 Sinais de Alerta

O que observar nas revisões de código

Estes padrões indicam vulnerabilidades potenciais de Weak Password Recovery Mechanism for Forgotten Password. Procure-os durante revisões de código e auditorias de segurança.

🟠

predictable random number generation (Math javascript-weak-password-reset-token

🟠

password reset tokens generated using weak or predictable methods like timestamps or non-cryptograph python-weak-reset-token

🔍

Escaneie seu código para Weak Password Recovery Mechanism for Forgotten Password

O Shoulder CLI encontra padrões vulneráveis em todo o seu código.

npx shoulder trust Ver todas as regras