My IA department has run a security can on our MVC application and the following error was displayed: Password transmitted in clear text or with an unapproved format are vulnerable to network protocol analyzers. These passwords acquired with the network
protocol analyzer can be used to immediately access the application. The designer will ensure the application transmits account passwords in an approved encrypted format.
I am new to IA application security fixes so any recommendations would be great!
Thanks,
Steve Holdorf
↧
Password transmitted in clear text or with an unapproved format MVC IA finding
↧