Weak encryption library usage detected.


Passwords should be encrypted with strong encryption algorithms like aes-256-cbc


According to OWASP: MD5, RC4, DES, Blowfish, SHA1. 1024-bit RSA or DSA, 160-bit ECDSA (elliptic curves), 80/112-bit 2TDEA (two key triple DES) are considered as weak hash/encryption algorithms and therefore shouldn't be used.

✅ Use stronger encryption algorithms when storing passwords.

const crypto = require("crypto");

const key = "secret key";
const encrypted = crypto.createHmac("es-256-cbc", key).update(user.password);


Associated CWE

OWASP Top 10

Ready to take the next step? Join the Bearer Cloud waitlist.