The application which I test has come up with a new change and the change is that when any authorised user logins into the application then a encrypted password will be generated in the DB and that encrypted password will be used to login into the DB.
Ealier the user was directly getting connected to database when he used to login into the application.
I have one case which i have thought of is I will try to login into the database using users application password, which should not allow.
Can anyone suggest that what are the other cases I can consider.
Thanks in Advance.
I have nothing to declare except my genius. -Oscar Wilde