Testing for Weak Password Policy
OWASP Web Security Testing Guide 4.2 > 4. Authentication Testing > 4.7. Testing for Weak Password Policy
ID | Link to Hackinglife | Link to OWASP | Description |
---|---|---|---|
4.7 | WSTG-ATHN-07 | Testing for Weak Password Policy | - Determine the resistance of the application against brute Force password guessing using available password dictionaries by evaluating the length, complexity, reuse, and aging requirements of passwords. - Review whether new User accounts are created with weak or predictable passwords. |