Passwords are encrypted using AES-256 bit encryption with PBKDF2 SHA-256 and salted hashes. SSL/TLS and certificate authentication protect the password in transit. Passwords are not stored in the EmpowerID database. Only a hash of the password is stored. Note — There is no setting in EmpowerID to enable TLS, as it is based on your IIS settings. For more information, see: https://docs.microsoft.com/en-us/windows-server/security/tls/tls-ssl-schannel-ssp-overview and https://www.petri.com/cipher-best-practice-configure-iis-ssl-tls-protocol |