The application must support organizational requirements to enforce password encryption for storage.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-26923 | SRG-APP-000171 | SV-34203r1_rule | Medium |
| Description |
|---|
| Applications must enforce password encryption when storing passwords. Passwords need to be protected at all times and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read and easily compromised. |
| STIG | Date |
|---|---|
| Application Security Requirements Guide | 2011-12-28 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (None) |
|---|
| None |