rspec/rules/S2087/description.adoc

Security through obscurity is no security at all, and the use of Base64 encoding to obscure a password will only slow an attacker down for seconds, at the most. Instead, passwords should be encrypted with private keys that are at least 128 bits in length.


This rule checks for the use of Base64 decoding on values that are then used in database and LDAP connections.
Add rules 2000-2999 2020-06-30 12:48:07 +02:00			`Security through obscurity is no security at all, and the use of Base64 encoding to obscure a password will only slow an attacker down for seconds, at the most. Instead, passwords should be encrypted with private keys that are at least 128 bits in length.`

Force linebreaks 2021-02-02 15:02:10 +01:00
Add rules 2000-2999 2020-06-30 12:48:07 +02:00			`This rule checks for the use of Base64 decoding on values that are then used in database and LDAP connections.`