OWASP
diff --git a/‎2019/en/dist/owasp-api-security-top-10.odt
84 Bytes b/‎2019/en/dist/owasp-api-security-top-10.odt
84 Bytes
diff --git a/‎2019/en/dist/owasp-api-security-top-10.pdf
18 Bytes b/‎2019/en/dist/owasp-api-security-top-10.pdf
18 Bytes
diff --git a/‎2019/en/src/0xa2-broken-user-authentication.md
Lines changed: 1 addition & 1 deletion b/‎2019/en/src/0xa2-broken-user-authentication.md
Lines changed: 1 addition & 1 deletion
@@ -23,7 +23,7 @@ An API is vulnerable if it:
 * Doesn’t validate the authenticity of tokens.
 * Accepts unsigned/weakly signed JWT tokens (`"alg":"none"`)/doesn’t
   validate their expiration date.
-* Uses plain text, encrypted, or weakly hashed passwords.
+* Uses plain text, non-encrypted, or weakly hashed passwords.
 * Uses weak encryption keys.
 
 ## Example Attack Scenarios