Hardcoded passwords

Detects potential security tokens or passwords in comments using entropy analysis and regular expressions.

This inspection utilizes entropy analysis and regular expressions to scan the codebase for strings that resemble security tokens or passwords. It highlights these findings, helping developers identify and secure potential vulnerabilities. The inspection's effectiveness relies on the patterns defined in its configuration, making it adaptable to different coding environments and requirements.

// Example of a regular expression pattern used for detection:
/[0-9]+:AA[0-9A-Za-z\-_]{33}/

Locating this inspection

By ID

Can be used to locate inspection in e.g. Qodana configuration files, where you can quickly enable or disable it, or adjust its settings.

HardcodedPasswords

Via Settings dialog

Path to the inspection settings via IntelliJ Platform IDE Settings dialog, when you need to adjust inspection settings directly from your IDE.

Settings or Preferences | Editor | Inspections | Security

Text after this comment will only be shown in the settings of the inspection.

Inspection Details
By default bundled with:	Qodana for JVM 2024.3,
Can be installed with plugin:	Hardcoded Passwords, 243.23126

Last modified: 03 December 2024