Our Products:   CompleteFTP  edtFTPnet/Free  edtFTPnet/PRO  edtFTPj/Free  edtFTPj/PRO
0 votes
in CompleteFTP by (156k points)

Our company was to comply with NIST SP 800-171 3.5.10 "Store and transmit only encrypted representation of passwords" and we have 3 questions that you can possibly help us.

1.) Are passwords prevented from being stored in reversible encryption form?

2.) Are passwords stored as one-way hashes constructed from "salted" passwords?

3.) Are passwords encrypted in storage and in transmission?

1 Answer

0 votes
by (156k points)

1) Yes. 

2) Yes.

3) Yes

We use PBKDF2 for password hashing.