NIST SP 800-171 & CMMC 2.0 Control 3.5.10 Requirement:

Store and transmit only cryptographically protected passwords.

NIST SP 800-171 & CMMC 2.0 3.5.10 Requirement Explanation:

If an attacker gets a hold of an unencrypted password he can gain access to your systems. By storing them as a one way hash it is more difficult for an attacker to use them.

Example NIST SP 800-171 & CMMC 2.0 3.5.10 Implementation:

Ensure that your passwords are stored on your systems using a "one-way hash". Many systems such as Active Directory and Windows 10 do this be default. Confirm that your systems are in fact storing your password cryptographically by configuring them to do so. DISA security technical implementation guides often contain settings for ensuring that passwords are stored in encrypted form.

NIST SP 800-171 & CMMC 2.0 3.5.10 Scenario(s):

- Scenario 1:

Your company's systems use active directory for authentication. Active directory stores passwords as one-way hashes and transmits them in an encrypted format.

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:


Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.