Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

How Cognito User Pool store password securely ?

0

What is the password-storing mechanism used by the Cognito user pool? i.e Hashing? SHA-256 hashing SHA-512 hashing PBKDF2 hashing

Tópicos
Segurança, identidade e conformidade
Tags
Amazon Cognito
Idioma
English
Indeewari
feita há 4 meses301 visualizações
1 Resposta
1

Hi,

Cognito Identity does not receive or store user credentials. Cognito Identity uses the token from the identity provider to obtain a unique identifier for the user.

Please. go to Cognito's FAQ: https://aws.amazon.com/cognito/faqs/#:~:text=Cognito%20Identity%20does%20not%20receive%20or%20store%20user%20credentials.

Q: When using public identity providers, does Amazon Cognito Identity store users’ credentials?

No, your app communicates directly with the supported public identity provider (Amazon, Facebook, Twitter,  Google, or an Open ID Connect-compliant provider) to authenticate users. Cognito Identity does not receive or store user credentials. Cognito Identity uses the token from the identity provider to obtain a unique identifier for the user and then hashes it using a one-way hash so that the same user can be recognized again in the future without storing the actual user identifier.

Best, Didier

profile pictureAWS
ESPECIALISTA
Didier_Durand
respondido há 4 meses

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante