By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Storage of passwords in Cognito

0

Does Amazon Cognito store passwords in encrypted form for users in a user pool?

Topics
Security, Identity, & Compliance
Tags
Amazon Cognito
Language
English
STSMariner
asked a year ago1.1K views
1 Answer
1

Encryption at rest

Data within Amazon Cognito is encrypted at rest in accordance with industry standards.

https://docs.aws.amazon.com/cognito/latest/developerguide/data-protection.html

Encryption in transit

Clients must support the following:

  • Transport Layer Security (TLS). We require TLS 1.2 and recommend TLS 1.3.
  • Cipher suites with perfect forward secrecy (PFS) such as DHE (Ephemeral Diffie-Hellman) or ECDHE (Elliptic Curve Ephemeral Diffie-Hellman). Most modern systems such as Java 7 and later support these modes.

https://docs.aws.amazon.com/cognito/latest/developerguide/data-protection.html

Compliance validation for Amazon Cognito

Third-party auditors assess the security and compliance of Amazon Cognito as part of multiple AWS compliance programs. These include SOC, PCI, FedRAMP, HIPAA, and others. https://docs.aws.amazon.com/cognito/latest/developerguide/compliance-validation.html

profile pictureAWS
Peter Grainger
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content