NIST 800-171 R-3.5.10
Protect Stored and Transmitted Passwords
Official citation: 3.5.10
Class: core · Severity: high
Statement of the obligation — verify against source
3.5.10
What it means
Store and transmit passwords only in cryptographically protected form — salted, one-way cryptographic hashes — so they can't be read even if intercepted or exposed. Use FIPS-validated cryptography.
Educational reference only — not legal advice. Consult a qualified assessor or attorney for binding compliance determinations.