ASVS Requirement 11.4.2

• Level: 2
• Chapter: V11 Cryptography
• Section: V11.4 Hashing and Hash-based Functions
• Source: 0x20-V11-Cryptography.md

Description

Verify that passwords are stored using an approved, computationally intensive, key derivation function (also known as a "password hashing function"), with parameter settings configured based on current guidance. The settings should balance security and performance to make brute-force attacks sufficiently challenging for the required level of security.