org.sonar.l10n.py.rules.python.S2257.html
The use of a non-standard algorithm is dangerous because a determined attacker may be able to break the algorithm and compromise whatever data has been protected. Standard algorithms like Argon2PasswordHasher, BCryptPasswordHasher, … should be used instead.

This rule tracks creation of BasePasswordHasher subclasses for Django applications.
Recommended Secure Coding Practices
- Use a standard algorithm instead of creating a custom one.
Sensitive Code Example
from django.contrib.auth.hashers import BasePasswordHasher

class CustomPasswordHasher(BasePasswordHasher):  # Sensitive
    ...  # custom hashing logic omitted
See