# Use of Password Hash With Insufficient Computational Effort (CWE-916)

The product generates a hash for a password, but it uses a scheme that does not provide a sufficient level of computational effort that would make password cracking attacks infeasible or expensive.

- Prevalence: High (frequently exploited)
- Impact: High (2 high-severity rules)
- Prevention: Documented (2 fix examples)

**OWASP:** A02:2021 Cryptographic Failures (#2)

## Description

Fast hashing algorithms like MD5, SHA-1, or even SHA-256 are unsuitable for password hashing because they can be computed quickly, enabling rapid brute-force attacks. Purpose-built password hashing algorithms like bcrypt, scrypt, or Argon2 are designed to be deliberately slow, with a configurable work factor, so that every guess costs an attacker real time.

## Prevention

Prevention strategies for Insufficient Password Hash, based on 2 Shoulder detection rules.

### Node.js

Use bcrypt or argon2 for password hashing instead of MD5/SHA1/SHA256.

### Python

Use bcrypt, argon2, or PBKDF2 instead of MD5/SHA for password hashing.

## Warning Signs

- [HIGH] Password hashing using weak algorithms (MD5, SHA1, plain SHA256) without proper salt or iteration, making passwords vulnerable to rainbow table and brute force attacks.
- [HIGH] Use of weak password hashing algorithms like MD5 or SHA-1 instead of bcrypt, argon2, or PBKDF2.

## Consequences

- Gain Privileges
- Bypass Protection Mechanism

## Mitigations

- Use bcrypt, scrypt, or Argon2 for password hashing
- Use appropriate work factors that make hashing slow
- Salt passwords before hashing

## Detection

- Total rules: 2
- Languages: javascript, typescript, python

## Rules by Language

### Javascript (1 rule)

- **Weak Password Storage** [HIGH]: Detects password hashing using weak algorithms (MD5, SHA1, plain SHA256) without proper salt or iteration, making passwords vulnerable to rainbow table and brute force attacks.
  - Remediation: Use bcrypt or argon2 for password hashing instead of MD5/SHA1/SHA256.

```javascript
const bcrypt = require('bcrypt');
// 12 is the cost factor (2^12 key-expansion rounds); bcrypt generates and embeds the salt itself
const hash = await bcrypt.hash(password, 12);
```

Learn more: https://shoulder.dev/learn/javascript/cwe-916/weak-password-storage

### Typescript (1 rule)

- **Weak Password Storage** [HIGH]: Detects password hashing using weak algorithms (MD5, SHA1, plain SHA256) without proper salt or iteration, making passwords vulnerable to rainbow table and brute force attacks.
  - Remediation: Use bcrypt or argon2 for password hashing instead of MD5/SHA1/SHA256.

```javascript
const bcrypt = require('bcrypt');
// 12 is the cost factor (2^12 key-expansion rounds); bcrypt generates and embeds the salt itself
const hash = await bcrypt.hash(password, 12);
```

Learn more: https://shoulder.dev/learn/javascript/cwe-916/weak-password-storage

### Python (1 rule)

- **Weak Password Hashing Algorithm** [HIGH]: Detects use of weak password hashing algorithms like MD5 or SHA-1 instead of bcrypt, argon2, or PBKDF2.
  - Remediation: Use bcrypt, argon2, or PBKDF2 for password hashing.

```python
import bcrypt

# gensalt(rounds=12) sets the cost factor; the salt is generated per password and stored inside the hash
hashed = bcrypt.hashpw(password.encode(), bcrypt.gensalt(rounds=12))
```

Learn more: https://shoulder.dev/learn/python/cwe-916/weak-password-hashing
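The Mitigations above list three things a password store needs (a slow algorithm, an appropriate work factor, a salt). The following is an added example, not code from Shoulder or from the rule pages, showing the weak one-shot digest the rules flag next to a hardened store built only from the Python standard library (`hashlib.scrypt`, `hmac.compare_digest`, `os.urandom`). The `$scrypt$N$r$p$salt$hash` record layout, the scrypt parameters and the helper names are assumptions chosen for this example; tune the parameters to your own hardware.

```python
"""Weak digest vs. salted, work-factored scrypt (added example; not Shoulder's code)."""
import base64
import hashlib
import hmac
import os


def weak_hash(password: str) -> str:
    """The CWE-916 pattern: one fast, unsalted digest call.

    Microseconds per guess and identical output for identical passwords, so GPU
    brute force and precomputed (rainbow) tables both apply.
    """
    return hashlib.sha256(password.encode()).hexdigest()


# Work-factor parameters (assumed defaults for this example; raise N until one
# hash_password() call takes on the order of 100 ms on your servers).
SCRYPT_N = 2 ** 14   # CPU/memory cost; scrypt uses 128 * N * r bytes (16 MiB here)
SCRYPT_R = 8
SCRYPT_P = 1
SALT_BYTES = 16
DKLEN = 32


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")


def hash_password(password: str, *, n: int = SCRYPT_N, r: int = SCRYPT_R, p: int = SCRYPT_P) -> str:
    """Return a self-describing record: $scrypt$N$r$p$salt$hash (assumed layout)."""
    salt = os.urandom(SALT_BYTES)  # fresh random salt for every password
    digest = hashlib.scrypt(password.encode(), salt=salt, n=n, r=r, p=p, dklen=DKLEN)
    return f"$scrypt${n}${r}${p}${_b64(salt)}${_b64(digest)}"


def _parse(stored: str):
    """Split a record into (n, r, p, salt, digest); raise ValueError if malformed."""
    parts = stored.split("$")
    if len(parts) != 7 or parts[0] != "" or parts[1] != "scrypt":
        raise ValueError("not a scrypt record")
    n, r, p = int(parts[2]), int(parts[3]), int(parts[4])
    salt = base64.b64decode(parts[5], validate=True)
    digest = base64.b64decode(parts[6], validate=True)
    return n, r, p, salt, digest


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the parameters stored in the record and compare in constant time."""
    try:
        n, r, p, salt, expected = _parse(stored)
        actual = hashlib.scrypt(password.encode(), salt=salt, n=n, r=r, p=p, dklen=len(expected))
    except ValueError:
        return False  # malformed record or unacceptable parameters: never a match
    return hmac.compare_digest(actual, expected)


def needs_rehash(stored: str, *, n: int = SCRYPT_N, r: int = SCRYPT_R, p: int = SCRYPT_P) -> bool:
    """True when the record was made with a weaker work factor than the current one.

    Call this after a successful verify_password() and re-store the password, so
    old records are upgraded transparently as users log in.
    """
    try:
        old_n, old_r, old_p, _, _ = _parse(stored)
    except ValueError:
        return True
    return (old_n, old_r, old_p) < (n, r, p)


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print(record)
    print("verify ok :", verify_password("correct horse battery staple", record))
    print("verify bad:", verify_password("Tr0ub4dor&3", record))
    print("rehash?   :", needs_rehash(record))
```

Because the parameters travel with each record, the work factor can be raised later without invalidating existing users: `needs_rehash()` on a successful login tells you which records still carry the old cost.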
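The Python rule above ("Weak Password Hashing Algorithm") describes what the detector looks for but not how such a check distinguishes a password digest from a legitimate fast hash. The following is an added example, not Shoulder's rule engine, of a minimal source-level check for the same pattern: it flags `hashlib.md5/sha1/sha256` applied to a password-looking value, in both the one-shot and the create-then-`update()` form, while leaving file checksums and `pbkdf2_hmac` alone. The sample source it scans is constructed for this example, and the name heuristic (`PASSWORD_HINT`) is an assumption a real rule would refine.

```python
"""Source-level check for the CWE-916 pattern (added example; not Shoulder's code)."""
import re
from typing import Dict, List, Tuple

# One-shot form: hashlib.sha256(password.encode())
WEAK_ONESHOT = re.compile(r"hashlib\.(md5|sha1|sha256)\s*\(([^)]*)\)")
# Two-step form: h = hashlib.sha1()  ...  h.update(password.encode())
WEAK_OBJECT = re.compile(r"^\s*(\w+)\s*=\s*hashlib\.(md5|sha1|sha256)\s*\(\s*\)")
UPDATE_CALL = re.compile(r"\b(\w+)\.update\s*\(([^)]*)\)")
# Assumed heuristic: the digested value or the assigned variable is named like a password.
PASSWORD_HINT = re.compile(r"passw(or)?d|pwd|passphrase|credential", re.IGNORECASE)

Finding = Tuple[int, str, str]  # (line number, algorithm, offending source line)


def find_weak_password_hashes(source: str) -> List[Finding]:
    findings: List[Finding] = []
    weak_objects: Dict[str, str] = {}  # variable name -> algorithm, for the two-step form
    for lineno, line in enumerate(source.splitlines(), start=1):
        code = line.split("#", 1)[0]  # drop trailing comments; they may say "password" legitimately
        lhs = code.split("=", 1)[0] if "=" in code else ""
        m = WEAK_OBJECT.match(code)
        if m:
            weak_objects[m.group(1)] = m.group(2)
            continue
        for m in WEAK_ONESHOT.finditer(code):
            algo, arg = m.group(1), m.group(2)
            if PASSWORD_HINT.search(arg) or PASSWORD_HINT.search(lhs):
                findings.append((lineno, algo, line.strip()))
        for m in UPDATE_CALL.finditer(code):
            obj, arg = m.group(1), m.group(2)
            if obj in weak_objects and PASSWORD_HINT.search(arg):
                findings.append((lineno, weak_objects[obj], line.strip()))
    return findings


# Constructed sample: two weak password hashes, one legitimate checksum, one PBKDF2 use.
SAMPLE_SOURCE = """\
import hashlib, os
def store(user, password):
    digest = hashlib.md5(password.encode()).hexdigest()
    return save(user, digest)
def checksum(path):
    return hashlib.sha256(open(path, "rb").read()).hexdigest()  # fine: a file, not a password
def store_two_step(user, pwd):
    h = hashlib.sha1()
    h.update(pwd.encode())
    return save(user, h.hexdigest())
def store_ok(user, password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), os.urandom(16), 600_000)
"""


if __name__ == "__main__":
    for lineno, algo, text in find_weak_password_hashes(SAMPLE_SOURCE):
        print(f"[HIGH] Weak Password Hashing Algorithm ({algo}) at line {lineno}: {text}")
```

Running it reports the `md5` call in `store()` and the `sha1` object updated with `pwd` in `store_two_step()`, and nothing for the file checksum or the PBKDF2 call; the comment on the checksum line mentioning "password" does not trigger a finding because comments are stripped before matching.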