R133. Passwords with at least 20 characters

Requirement

System passwords must be at least 20 characters long.

References

  1. CWE-521: Weak Password Requirements The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.

  2. OWASP-ASVS v4.0.1 V2.1 Password Security Requirements.(2.1.1) Verify that user set passwords are at least 12 characters in length.

Copyright © 2020 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy