kwrigh8176 / VolunteerIndex

MIT License

Password Encryption #27

Closed kwrigh8176 closed 8 months ago

kwrigh8176 commented 8 months ago

As a user or an organization, I should expect sensitive info like passwords to be encrypted.

kwrigh8176 commented 8 months ago

Implemented in the VolunteerIndex API

Uses an encryption algorithm, in which the password hash and the salt are the only two things stored in the API.

At run time, the API can use the algorithm function along with the passed password and the saved salt. This result is then compared against the saved hash to see if they match. If it is a match, then the passwords must also match.
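The store-and-compare flow described in the comment above, as an added example that is not code from the VolunteerIndex API. The issue does not name the algorithm, so PBKDF2-HMAC-SHA256, the iteration count, the in-memory `store` and the function names are all assumptions.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Assumed parameters; the issue does not state the algorithm or its settings.
ITERATIONS = 600_000
SALT_BYTES = 16


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, hash). A fresh random salt is generated when none is given."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, stored_hash: bytes) -> bool:
    """Recompute the hash with the saved salt and compare in constant time."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, stored_hash)


def register(store: dict, username: str, password: str) -> None:
    """Persist only the salt and the hash, never the password itself."""
    salt, digest = hash_password(password)
    store[username] = {"salt": salt.hex(), "hash": digest.hex()}


def login(store: dict, username: str, password: str) -> bool:
    record = store.get(username)
    if record is None:
        # Do the same hashing work for unknown users so response time
        # does not reveal which usernames exist.
        hash_password(password, b"\x00" * SALT_BYTES)
        return False
    return verify_password(
        password, bytes.fromhex(record["salt"]), bytes.fromhex(record["hash"])
    )
```

Because each account gets its own random salt, two users with the same password end up with different stored hashes.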