How are passwords stored?

Security, Privacy & Data Protection

Your password is never stored in plain text - it is securely hashed using battle-tested cryptographic standards built into ASP.NET Core Identity.

What Happens When You Set a Password

CertNudge never stores your actual password. Instead, we use:

  • PBKDF2 (Password-Based Key Derivation Function 2) — a widely trusted algorithm used by banks and enterprise apps
  • Unique per-user salt: Even if two users have the same password, their hashes will be different
  • 10,000+ iterations: Each hash takes significant computing work, which slows down brute-force attacks

Automatically Upgraded When Standards Evolve

We rely on Microsoft’s ASP.NET Core Identity framework, which automatically adjusts hashing strength over time:

  • Adaptive security: If Microsoft increases the recommended iteration count or changes best practices, CertNudge follows suit
  • Seamless upgrades: User passwords are rehashed with newer settings automatically when they next log in
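
A small Python model of the scheme described above (PBKDF2, a per-user salt, and rehashing at the next login), added here as an illustration; it is not CertNudge's or ASP.NET Core Identity's code or storage format. The record layout, the function names, the use of HMAC-SHA256 and the value of CURRENT_ITERATIONS are assumptions.

```python
import hashlib
import hmac
import os

# Assumed policy value for this sketch; the page states "10,000+ iterations".
CURRENT_ITERATIONS = 10_000

def hash_password(password, iterations=CURRENT_ITERATIONS):
    """Return a self-describing record: algorithm$iterations$salt$hash (assumed layout)."""
    salt = os.urandom(16)  # fresh random salt for every stored password
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2-sha256${iterations}${salt.hex()}${dk.hex()}"

def verify_password(record, password):
    """Return (ok, needs_rehash) for a login attempt against a stored record."""
    try:
        algo, iter_s, salt_hex, hash_hex = record.split("$")
        iterations = int(iter_s)
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(hash_hex)
    except ValueError:
        return False, False  # a malformed record never verifies
    if algo != "pbkdf2-sha256" or iterations < 1:
        return False, False
    # Recompute with the salt and iteration count stored in the record itself.
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    ok = hmac.compare_digest(dk, expected)  # constant-time comparison
    return ok, ok and iterations < CURRENT_ITERATIONS

def login(store, user, password):
    """Check a login and upgrade an old record while the plaintext is available."""
    record = store.get(user)
    if record is None:
        return False
    ok, needs_rehash = verify_password(record, password)
    if needs_rehash:
        store[user] = hash_password(password)  # new salt, current iteration count
    return ok

if __name__ == "__main__":
    # Constructed sample data: "alice" has a legacy 1,000-iteration record.
    store = {"alice": hash_password("correct horse", 1_000),
             "bob": hash_password("correct horse")}
    print(store["alice"] != store["bob"])        # same password, different records
    print(login(store, "alice", "correct horse"))
    print(store["alice"].split("$")[1])          # iteration count after the upgrade
```

The upgrade can only happen at login because that is the one moment the server holds the plaintext password; a stored hash cannot be strengthened on its own.
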

Want even more protection?

We recommend enabling Two-Factor Authentication (2FA) for an extra layer of security on your account.
