ISM-1252

Passphrases stored in databases are hashed with a uniquely salted Australian Signals Directorate Approved Cryptographic Algorithm.

Topic
Protecting authentication credentials in databases
Applicable to
all

History

Priority
must
Mar 2022
Removed
The previous recommendation to ensure that credentials are hashed, salted and stretched when stored on systems has been expanded to include the use of password managers and hardware security modules. Furthermore, the existing recommendation within the Guidelines for Database Systems that duplicated the hashing, salting and stretching advice (ISM-1252) was rescinded.
Jun 2019
Passphrases stored in databases are hashed with a uniquely salted Australian Signals Directorate Approved Cryptographic Algorithm.
Security control 1252 was modified. The use of the term ‘strong hashing algorithm’ was replaced with ‘Australian Signals Directorate Approved Cryptographic Algorithm’.
May 2019
Passphrases stored in databases are hashed with a strong hashing algorithm that is uniquely salted.
2015
Passphrases stored in databases must be hashed with a strong hashing algorithm which is uniquely salted.