Plaintext passwords
Identifies plaintext passwords patterns in security and access control contexts. Detects potential exposure of sensitive security information in Australian systems.
- Type
- regex
- Engine
- boost_regex
- Confidence
- low
- Confidence justification
- Low confidence marker: phrase-based artifact detection to bootstrap line-by-line coverage. Requires corroborative evidence and later hardening to high-confidence structural patterns.
- Detection quality
- Mixed
- Jurisdictions
- global
- Regulations
- Criminal Code Act 1995 (Cth), NDB Scheme (Cth), SOCI Act 2018 (Cth), TIA Act 1979 (Cth)
- Frameworks
- CIS Controls, DISP, ISO 27001, NIST CSF, PCI-DSS, SOC 2
- Data categories
- credentials, security
- Scope
- wide
- Platform compatibility
- Purview: Compatible, GCP DLP: Compatible, Macie: Compatible, Zscaler: Compatible, Palo Alto: Compatible, Netskope: Compatible
Pattern
\bplaintext\s+passwords\bCorroborative evidence keywords
plaintext passwords, plaintext, passwords, credentials, keys, secrets, api key, api_key, apikey, access key, access token, auth token, authorization, bearer, conn str, connection string, connectionstring, cookie, credential, database (+15 more)
Proximity: 300 characters
Should match
Plaintext passwords— Exact phrase marker matchplaintext passwords— Case-insensitive phrase matchPlaintext passwords— Normalized whitespace phrase
Should not match
unrelated generic text— No relevant phrase contextplaceholder value 12345— Random text should not match phrase marker
Known false positives
- Authentication-related terminology in software documentation, security training materials, or system architecture descriptions without actual credentials. Mitigation: Require proximity to credential-specific patterns (API keys, connection strings, tokens) rather than general security terminology.
- Code snippets and configuration examples containing credential-related keywords or placeholder values in developer documentation. Mitigation: Check for common placeholder patterns (example.com, localhost, 0000) and documentation file types to reduce false positives from technical writing.