IA.2.081 Store and transmit only cryptographically-protected passwords.

CMMC Practice IA.2.081: Store and transmit only cryptographically-protected passwords.

Links to Publicly Available Resources

CMMC CLARIFICATION (Ref CMMC – Appendix B)

All passwords must be cryptographically protected in a one-way function for storage and transmission. This type of protection changes passwords into another form, or a hashed password. A one-way transformation makes it impossible to turn the hashed password back into the original password.