The application implements a weak password policy. Without sufficient password complexity, it is significantly easier for an attacker to determine passwords using brute force attacks. The password policy should enforce password complexity, including length and mixed character requirements.
A weak password policy increases the probability that brute force and dictionary attacks against user accounts will succeed. An attacker who can determine user passwords can take over a user’s account and potentially access sensitive data in the application.
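A server-side check that enforces the length and mixed character requirements described above, and also rejects passwords a dictionary attack would try first, could look like the following. This is an added example, not code from the application under test; the minimum length, the small denylist, and all function names are assumptions chosen for illustration.

```python
import string

# Assumed policy values for illustration; the page does not specify thresholds.
MIN_LENGTH = 12
REQUIRED_CLASSES = {
    "lowercase": set(string.ascii_lowercase),
    "uppercase": set(string.ascii_uppercase),
    "digit": set(string.digits),
    "symbol": set(string.punctuation),
}
# Constructed sample denylist; a real deployment would load a much larger list.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome"}

# Maps common character substitutions back to letters (0->o, 1->l, 3->e, ...).
_SUBSTITUTIONS = str.maketrans("013457@$!", "oleastasi")


def normalize(password):
    """Lowercase, strip trailing digits/symbols, then undo simple substitutions."""
    core = password.lower().rstrip(string.digits + string.punctuation)
    return core.translate(_SUBSTITUTIONS)


def check_password(password, username=""):
    """Return a list of policy violations; an empty list means the password passes."""
    violations = []
    if len(password) < MIN_LENGTH:
        violations.append(f"shorter than {MIN_LENGTH} characters")
    for name, chars in REQUIRED_CLASSES.items():
        if not any(c in chars for c in password):
            violations.append(f"missing {name}")
    lowered = password.lower()
    # "P@ssw0rd1!" satisfies every character class yet is still a dictionary word.
    if lowered in COMMON_PASSWORDS or normalize(password) in COMMON_PASSWORDS:
        violations.append("based on a common password")
    if username and username.lower() in lowered:
        violations.append("contains the username")
    return violations


if __name__ == "__main__":
    for candidate, user in [("P@ssw0rd1!", ""), ("alice2024", "alice"),
                            ("correct-Horse-7-battery", "")]:
        print(candidate, "->", check_password(candidate, user) or "accepted")
```

Character-class rules alone accept `P@ssw0rd1!`-style passwords, which is why the denylist comparison runs on the normalized form as well as the raw one.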
How To Test
Sample Report Screenshots
Time Saving Tips