Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

How Cognito User Pool store password securely ?

0

What is the password-storing mechanism used by the Cognito user pool? i.e Hashing? SHA-256 hashing SHA-512 hashing PBKDF2 hashing

Temas
Seguridad, identidad y cumplimiento
Etiquetas
Amazon Cognito
Idioma
English
Indeewari
preguntada hace 4 meses301 visualizaciones
1 Respuesta
1

Hi,

Cognito Identity does not receive or store user credentials. Cognito Identity uses the token from the identity provider to obtain a unique identifier for the user.

Please. go to Cognito's FAQ: https://aws.amazon.com/cognito/faqs/#:~:text=Cognito%20Identity%20does%20not%20receive%20or%20store%20user%20credentials.

Q: When using public identity providers, does Amazon Cognito Identity store users’ credentials?

No, your app communicates directly with the supported public identity provider (Amazon, Facebook, Twitter,  Google, or an Open ID Connect-compliant provider) to authenticate users. Cognito Identity does not receive or store user credentials. Cognito Identity uses the token from the identity provider to obtain a unique identifier for the user and then hashes it using a one-way hash so that the same user can be recognized again in the future without storing the actual user identifier.

Best, Didier

profile pictureAWS
EXPERTO
Didier_Durand
respondido hace 4 meses

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante