CWE-262 未使用口令老化机制

Not Using Password Aging

结构: Simple

Abstraction: Variant

状态: Draft

被利用可能性: Low


If no mechanism is in place for managing password aging, users will have no incentive to update passwords in a timely manner.


  • cwe_Nature: ChildOf cwe_CWE_ID: 287 cwe_View_ID: 1000 cwe_Ordinal: Primary

  • cwe_Nature: ChildOf cwe_CWE_ID: 404 cwe_View_ID: 1000

  • cwe_Nature: PeerOf cwe_CWE_ID: 309 cwe_View_ID: 1000

  • cwe_Nature: PeerOf cwe_CWE_ID: 263 cwe_View_ID: 1000

  • cwe_Nature: PeerOf cwe_CWE_ID: 324 cwe_View_ID: 1000


Language: {'cwe_Class': 'Language-Independent', 'cwe_Prevalence': 'Undetermined'}


范围 影响 注释
Access Control Gain Privileges or Assume Identity As passwords age, the probability that they are compromised grows.


Architecture and Design


The recommendation that users change their passwords regularly and do not reuse passwords is universal among security experts. In order to enforce this, it is useful to have a password aging mechanism that notifies users when passwords are considered old and that requests that they replace them with new, strong passwords. In order for this functionality to be useful, however, it must be accompanied with documentation which stresses how important this practice is and which makes the entire process as simple as possible for the user.


A common example is not having a system to terminate old employee accounts.

Not having a system for enforcing the changing of passwords every certain period.


映射的分类名 ImNode ID Fit Mapped Node Name
CLASP Not allowing password aging


  • CAPEC-16
  • CAPEC-49
  • CAPEC-55
  • CAPEC-70