Crypto Crypt Crypt R
The crypt functions are not recommended due to the significantly small key space. Modern hardware can crack crypt produced passwords relatively quickly. Consider using the Argon2id password hashing algorithm provided by libsodium. For more information please see: https://libsodium.gitbook.io/doc/password_hashing.
greprules fetch gitlab-sast-c-crypto-rule-crypt-crypt-r --engine opengrepDescription
The crypt functions are not recommended due to the significantly small key space. Modern hardware can crack crypt produced passwords relatively quickly. Consider using the Argon2id password hashing algorithm provided by libsodium. For more information please see: https://libsodium.gitbook.io/doc/password_hashing.
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided
Community feedback
Sign in to report false positives, mark this rule useful, or suggest metadata improvements.