Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

Storage of passwords in Cognito

0

Does Amazon Cognito store passwords in encrypted form for users in a user pool?

Argomenti
Sicurezza, identità e conformità
Tag
Amazon Cognito
Lingua
English
STSMariner
posta un anno fa1189 visualizzazioni
1 Risposta
1

Encryption at rest

Data within Amazon Cognito is encrypted at rest in accordance with industry standards.

https://docs.aws.amazon.com/cognito/latest/developerguide/data-protection.html

Encryption in transit

Clients must support the following:

  • Transport Layer Security (TLS). We require TLS 1.2 and recommend TLS 1.3.
  • Cipher suites with perfect forward secrecy (PFS) such as DHE (Ephemeral Diffie-Hellman) or ECDHE (Elliptic Curve Ephemeral Diffie-Hellman). Most modern systems such as Java 7 and later support these modes.

https://docs.aws.amazon.com/cognito/latest/developerguide/data-protection.html

Compliance validation for Amazon Cognito

Third-party auditors assess the security and compliance of Amazon Cognito as part of multiple AWS compliance programs. These include SOC, PCI, FedRAMP, HIPAA, and others. https://docs.aws.amazon.com/cognito/latest/developerguide/compliance-validation.html

profile pictureAWS
Peter Grainger
con risposta un anno fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente