Replies

Hi William,

Caché does not store plaintext passwords. All passwords are hashed prior to storage, and the passwords hashes are then compared. More information about password security can be found in the "Caché Authentication" portion of the documentation: http://docs.intersystems.com/latest/csp/docbook/DocBook.UI.Page.cls?KEY=...

Caché stores only irreversible cryptographic hashes of passwords. The hashes are calculated using the PBKDF2 algorithm with the HMAC-SHA-1 pseudorandom function, as defined in Public Key Cryptography Standard #5 v2.1: “Password-Based Cryptography Standard.”  The current implementation uses 1024 iterations, 64 bits of salt, and generates 20 byte hash values.  There are no known techniques for recovering original passwords from these hash values.