Top 10 2010-A7-Insecure Cryptographic Storage

For a more complete set of requirements and problems to avoid in this area, see the ASVS requirements on Cryptography (V7).
 * OWASP Top 10-2007 on Insecure Cryptographic Storage
 * ESAPI Encryptor API
 * OWASP Development Guide: Chapter on Cryptography
 * OWASP Code Review Guide: Chapter on Cryptography


 * CWE Entry 310 on Cryptographic Issues
 * CWE Entry 312 on Cleartext Storage of Sensitive Information
 * CWE Entry 326 on Weak Encryption