P02 Plaintext Password Storage
What this means
SiteShadow flagged a password being stored in plaintext or protected with a weak or incorrect approach: the raw password persisted, reversible "encryption," or a fast general-purpose hash such as MD5, SHA-1 or SHA-256 (these are built for speed, so even with a salt they can be brute-forced at GPU rates; password hashing needs a deliberately slow, memory-hard function).
Why it matters
Once the user database leaks, plaintext or weakly hashed passwords can be recovered and reused:
- Immediate account takeover after a database leak if passwords are plaintext/reversible.
- Credential stuffing across other sites because users reuse passwords.
- Regulatory/compliance risk: storing plaintext passwords is a major security failure.
Safer examples
1) Use a password hashing library (Argon2id/bcrypt/scrypt)
# pip install argon2-cffi (PasswordHasher defaults to Argon2id)
from argon2 import PasswordHasher
ph = PasswordHasher()
# password: the plaintext submitted at registration; only stored_hash is persisted
stored_hash = ph.hash(password)
2) Verify passwords with constant-time checks (library provided)
# Returns True on a match and raises argon2.exceptions.VerifyMismatchError on a
# wrong password, so catch that exception in the login path
ph.verify(stored_hash, password_attempt)
3) Never decrypt passwords
Passwords are verified, not decrypted. If a feature genuinely needs a secret it can read back later (for example a third-party API token the app uses on the user's behalf), that is not the login password: keep it in separate per-user secret storage, encrypted under a key the application controls, and protect it independently of the password hashes.
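The weak pattern P02 flags next to a hardened form, as an added example (not SiteShadow's code) using only the Python standard library. The page lists scrypt as an acceptable algorithm, so `hashlib.scrypt` stands in for the argon2 snippet above; the work factors, record format and the constructed sample password are assumptions for this example. The record stores its own parameters so they can be raised later, and verification treats a malformed record as a failed login rather than an exception.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample value for this example; in real code the password comes
# from the registration or login request and is never logged or stored.
SAMPLE_PASSWORD = "correct horse battery staple"


def weak_store(password: str) -> str:
    """The anti-pattern P02 flags: a fast, unsalted general-purpose hash.

    Deterministic (equal passwords -> equal digests, so one crack reveals
    every user with that password) and cheap to brute-force.
    """
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


# scrypt work factors (assumed values for this example; raise N as hardware allows).
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1
SALT_BYTES = 16
KEY_LEN = 32


def safe_store(password: str, salt: Optional[bytes] = None) -> str:
    """Hash with a per-user random salt and a memory-hard KDF.

    Returns a self-describing record 'scrypt$N$r$p$salt$key' (assumed
    format) so the parameters can be raised without breaking existing users.
    """
    salt = os.urandom(SALT_BYTES) if salt is None else salt
    key = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                         n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=KEY_LEN)
    fields = ["scrypt", str(SCRYPT_N), str(SCRYPT_R), str(SCRYPT_P),
              base64.b64encode(salt).decode("ascii"),
              base64.b64encode(key).decode("ascii")]
    return "$".join(fields)


def safe_verify(record: str, attempt: str) -> bool:
    """Re-derive the key from the stored parameters and compare in constant time.

    Returns False (never raises) on a malformed record, so a corrupted row
    behaves like a wrong password instead of crashing the login path.
    """
    try:
        scheme, n, r, p, salt_b64, key_b64 = record.split("$")
        if scheme != "scrypt":
            return False
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(key_b64, validate=True)
        candidate = hashlib.scrypt(attempt.encode("utf-8"), salt=salt,
                                   n=int(n), r=int(r), p=int(p), dklen=len(expected))
    except (ValueError, TypeError):
        return False
    return hmac.compare_digest(candidate, expected)


def needs_rehash(record: str) -> bool:
    """True if the record predates the current parameters (or is not a scrypt
    record at all); call after a successful login and re-store with safe_store()."""
    parts = record.split("$")
    if len(parts) != 6 or parts[0] != "scrypt":
        return True
    try:
        n, r, p = (int(x) for x in parts[1:4])
    except ValueError:
        return True
    return n < SCRYPT_N or r < SCRYPT_R or p < SCRYPT_P


if __name__ == "__main__":
    print("weak  :", weak_store(SAMPLE_PASSWORD))
    rec = safe_store(SAMPLE_PASSWORD)
    print("safe  :", rec)
    print("verify:", safe_verify(rec, SAMPLE_PASSWORD), safe_verify(rec, "wrong"))
```

Two records for the same password differ because each carries its own salt, which is exactly the property the weak form lacks. Rows produced by `weak_store` (or any non-scrypt scheme) report `needs_rehash` as true, which is how a migration away from a P02 finding is normally driven: verify against the legacy hash once, then overwrite with the strong record.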
How SiteShadow detects it (high level)
- Flags variables named like passwords being persisted directly or passed to weak hashing.
- Recognizes common password-storage anti-patterns (plaintext columns, reversible encryption, fast hash usage in password contexts).
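An illustrative version of the two heuristics above, written as an added example and not SiteShadow's actual rule set: a small AST scanner that reports a password-like variable reaching a fast hash or a persistence call. The name lists, the set of "safe hasher" calls whose output is fine to persist, and the sample source it scans are all constructed for this example.

```python
import ast
from typing import List, Tuple

# Heuristic vocabularies (assumed for this example, not SiteShadow's rule set).
PASSWORD_NAMES = ("password", "passwd", "pwd")
WEAK_HASHES = {"md5", "sha1", "sha224", "sha256", "sha384", "sha512"}
PERSIST_CALLS = {"execute", "executemany", "save", "insert", "write"}
SAFE_HASHERS = {"hash", "hashpw", "scrypt", "pbkdf2_hmac"}  # output is fine to persist

# Constructed sample source for the scanner to run over.
SAMPLE_SOURCE = '''
import hashlib
def register(db, ph, username, password):
    digest = hashlib.sha256(password.encode()).hexdigest()
    db.execute("INSERT INTO users VALUES (?, ?)", (username, password))
    db.execute("INSERT INTO users VALUES (?, ?)", (username, digest))
    db.execute("INSERT INTO users VALUES (?, ?)", (username, ph.hash(password)))
'''


def _call_name(call: ast.Call) -> str:
    """Bare function or method name of a call: hashlib.sha256(...) -> 'sha256'."""
    func = call.func
    if isinstance(func, ast.Attribute):
        return func.attr
    if isinstance(func, ast.Name):
        return func.id
    return ""


def _looks_like_password(node: ast.AST) -> bool:
    return isinstance(node, ast.Name) and any(k in node.id.lower() for k in PASSWORD_NAMES)


def _mentions_password(node: ast.AST) -> bool:
    """Does a password-like variable appear anywhere in this subtree?

    Subtrees rooted at a strong hasher call are skipped, so persisting
    ph.hash(password) is not reported while persisting password itself is.
    """
    if isinstance(node, ast.Call) and _call_name(node) in SAFE_HASHERS:
        return False
    if _looks_like_password(node):
        return True
    return any(_mentions_password(child) for child in ast.iter_child_nodes(node))


def find_password_storage_issues(source: str) -> List[Tuple[int, str]]:
    """Return (line, message) findings for fast hashing or direct persistence of passwords."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = _call_name(node)
        arguments = list(node.args) + [kw.value for kw in node.keywords]
        if not any(_mentions_password(arg) for arg in arguments):
            continue
        if name in WEAK_HASHES:
            findings.append((node.lineno, f"password passed to fast hash {name}()"))
        elif name in PERSIST_CALLS:
            findings.append((node.lineno, f"password persisted directly via {name}()"))
    return sorted(findings)


if __name__ == "__main__":
    for line, message in find_password_storage_issues(SAMPLE_SOURCE):
        print(f"line {line}: {message}")
```

On the sample it reports line 4 (the SHA-256 call) and line 5 (the raw password in an INSERT) and stays silent on lines 6 and 7, where only a digest or an Argon2 hash is persisted. Name-based matching is a heuristic: it misses a password held in a variable called `secret` and will flag a variable that merely contains "pwd", which is why a real tool pairs it with the anti-pattern recognition described above.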
References
- CWE-256: https://cwe.mitre.org/data/definitions/256.html
---