CWE-654: Reliance on a Single Factor in a Security Decision

Description

A protection mechanism relies exclusively, or to a large extent, on the evaluation of a single condition or the integrity of a single object or entity in order to make a decision about granting access to restricted resources or functionality.

Submission Date: Jan. 18, 2008, midnight

Modification Date: 2023-10-26 00:00:00+00:00

Organization: Purdue University

Example Vulnerable Code

Example - 1

Password-only authentication is perhaps the most well-known example of use of a single factor. Anybody who knows a user's password can impersonate that user.

Example - 2

When authenticating, use multiple factors, such as "something you know" (such as a password) and "something you have" (such as a hardware-based one-time password generator, or a biometric device).

Related Weaknesses

This table shows the weaknesses and high-level categories that are related to this weakness. These relationships give an overview of similar items that may exist at higher and lower levels of abstraction.

Visit http://cwe.mitre.org/ for more details.