16.4: Encrypt or Hash all Authentication Credentials

CSF v1.1 References:

PF v1.0 References:

Threats Addressed:


Info icon.

The next version of the control set incorporates all or part of this control into: 3.11: Encrypt Sensitive Data at Rest.

Control Statement

Encrypt or hash with a salt all authentication credentials when stored.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]