Fluid Attacks logo
Contact Us
Young hacker smiling
Zero false positives

Expert intelligence + effective automation

Contact logo Contact Us

REQ.134 Store passwords with salt

This document contains the details of the security requirements related to the definition and management of access credentials in the organization. This requirement establishes the importance of storing passwords securely using cryptographic functions to mask their content.


The system must store passwords with different key derivations (Salt)


  1. OWASP-ASVS v3.1-2.13 Verify that account passwords are one way hashed with a salt, and there is sufficient work factor to defeat brute force and password hash recovery attacks.

  2. OWASP-ASVS v3.1-2.21 Verificar que todas las credenciales de autenticación para acceder a servicios externos a la aplicación estén encriptadas y almacenadas en una localización protegida.

Service status - Terms of Use