
org.sonar.l10n.py.rules.python.S2257.html


The use of a non-standard algorithm is dangerous because a determined attacker may be able to break the algorithm and compromise whatever data has been protected. Standard algorithms like Argon2PasswordHasher, BCryptPasswordHasher, … should be used instead.

This rule tracks creation of BasePasswordHasher subclasses for Django applications.

Recommended Secure Coding Practices

  • Use a standard algorithm instead of creating a custom one.

Sensitive Code Example

from django.contrib.auth.hashers import BasePasswordHasher

class CustomPasswordHasher(BasePasswordHasher):  # Sensitive
    # ...
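
A minimal sketch of the check this rule describes, added here as an example (it is not SonarSource's implementation): it parses Python source with the standard `ast` module and reports classes that directly subclass BasePasswordHasher. The sample source and the names `find_custom_hashers` and `_base_name` are constructed for illustration; subclasses of the standard hashers are assumed to be out of scope.

```python
import ast

# Constructed sample source: two custom hashers (sensitive) and two classes that are not.
SAMPLE = '''
from django.contrib.auth import hashers
from django.contrib.auth.hashers import BasePasswordHasher, PBKDF2PasswordHasher

class CustomPasswordHasher(BasePasswordHasher):
    algorithm = "custom"

class AlsoCustom(hashers.BasePasswordHasher):
    algorithm = "custom2"

class TunedPBKDF2(PBKDF2PasswordHasher):
    iterations = 1_000_000

class Unrelated:
    pass
'''

TARGET = "BasePasswordHasher"

def _base_name(node):
    """Return the rightmost name of a base-class expression, or None."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        return node.attr
    return None

def find_custom_hashers(source):
    """Return sorted (line, class_name) pairs for direct BasePasswordHasher subclasses."""
    tree = ast.parse(source)
    aliases = {TARGET}
    # Follow "from ... import BasePasswordHasher as X" so aliased bases are caught too.
    for node in ast.walk(tree):
        if isinstance(node, ast.ImportFrom):
            for a in node.names:
                if a.name == TARGET and a.asname:
                    aliases.add(a.asname)
    findings = []
    for node in ast.walk(tree):
        if isinstance(node, ast.ClassDef) and any(_base_name(b) in aliases for b in node.bases):
            findings.append((node.lineno, node.name))
    return sorted(findings)

if __name__ == "__main__":
    for line, name in find_custom_hashers(SAMPLE):
        print(f"line {line}: {name} subclasses {TARGET} (custom password hasher)")
```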
