Storing passwords in a recoverable format

Revision as of 17:37, 30 September 2008 by KirstenS (Talk | contribs)

Jump to: navigation, search

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

Last revision (mm/dd/yy): 09/30/2008

Vulnerabilities Table of Contents

ASDR Table of Contents


The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. If a system administrator can recover the password directly - or use a brute force search on the information available to him -, he can use the password on other accounts.


  • Confidentiality: User's passwords may be revealed.
  • Authentication: Revealed passwords may be reused elsewhere to impersonate the users in question.

Exposure period

  • Design: The method of password storage and use is often decided at design time.
  • Implementation: In some cases, the decision of algorithms for password encryption or hashing may be left to the implementers.


  • Languages: All
  • Operating platforms: All

Required resources

Access to read stored password hashes


Medium to High

Likelihood of exploit

Very High

The use of recoverable passwords significantly increases the chance that passwords will be used maliciously. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plain-text passwords since they are subject not only to reuse by malicious attackers but also by malicious insiders.

Risk Factors



In C\C  :

int VerifyAdmin(char *password) {
  if (strcmp(compress(password), compressed_password)) {
    printf("Incorrect Password!\n");

  printf("Entering Diagnostic Mode�\n");

In Java:

int VerifyAdmin(String password) {
  if (passwd.Eqauls(compress((compressed_password)) {
//Diagnostic Mode

Related Attacks

Related Vulnerabilities

Related Controls

  • Design / Implementation: Ensure that strong, non-reversible encryption is used to protect stored passwords.

Related Technical Impacts


Note: A reference to related CWE or CAPEC article should be added when exists. Eg: