CAPEC Related Weakness
Password Brute Forcing
CWE-257 Storing Passwords in a Recoverable Format
CWE-262 Not Using Password Aging
CWE-263 Password Aging with Long Expiration
CWE-307 Improper Restriction of Excessive Authentication Attempts
CWE-308 Use of Single-factor Authentication
CWE-309 Use of Password System for Primary Authentication
CWE-521 Weak Password Requirements
CWE-654 Reliance on a Single Factor in a Security Decision