| CWE-261 | Weak Encoding for Password |
| CWE-262 | Not Using Password Aging |
| CWE-263 | Password Aging with Long Expiration |
| CWE-521 | Weak Password Requirements |
| CWE-693 | Protection Mechanism Failure |
| CWE-719 | OWASP Top Ten 2007 Category A8 - Insecure Cryptographic Storage |
| CWE-916 | Use of Password Hash With Insufficient Computational Effort |
