Weak Password Policy
Unknown
Vulnerability Details
Weak Password Policy :-
In your Website the user are able to use the same password as their user name for eg. the user name is pentest123@ and user can set their password as pestent123@ these type of passwords can be easily guessed
How to Fix this issue ? :-
prevent users to use their username as their password
Actions
View on HackerOneReport Stats
- Report ID: 115036
- State: Closed
- Substate: resolved
- Upvotes: 2