rspec/rules/S2087/description.adoc

Security through obscurity is no security at all, and the use of Base64 encoding to obscure a password will only slow an attacker down for seconds, at the most. Instead, passwords should be encrypted with private keys that are at least 128 bits in length.


This rule checks for the use of Base64 decoding on values that are then used in database and LDAP connections.
	`Security through obscurity is no security at all, and the use of Base64 encoding to obscure a password will only slow an attacker down for seconds, at the most. Instead, passwords should be encrypted with private keys that are at least 128 bits in length.`


	`This rule checks for the use of Base64 decoding on values that are then used in database and LDAP connections.`