Hardcoded sensitive information.

ID

objectivec.storage.ios_hardcoded_secret

Severity

low

Resource

Storage

Language

Objective-C

Description

Source files may contain hardcoded sensitive information like usernames, passwords, keys etc.

Rationale

Source files may contain hardcoded sensitive information like usernames, passwords, keys etc.

The following code illustrates a vulnerable pattern detected by this rule:

void badHardcodedPassword() {
    // VULNERABLE: Hardcoded sensitive information.
    NSString *password = @"mysecretpass123";
}

Remediation

Follow secure coding practices and review the references below for detailed remediation guidance.

Configuration

This detector does not need any configuration.

References