Testing for Vulnerable Remember Password
OWASP Web Security Testing Guide 4.2 > 4. Authentication Testing > 4.5. Testing for Vulnerable Remember Password
ID | Link to Hackinglife | Link to OWASP | Description |
---|---|---|---|
4.5 | WSTG-ATHN-05 | Testing for Vulnerable Remember Password | - Validate that the generated session is managed securely and do not put the user's credentials in danger (e.g., cookie) - Verify that the credentials are not stored in clear text, but are hashed. Autocompleted=off? |