--- title: SCRAM-SHA-256 Password Storage Scheme description: The SCRAM-SHA-256 Password Storage Scheme provides a mechanism for encoding user passwords for use with the SASL SCRAM authentication mechanism defined in RFC 5802. component: pingds version: 8.1 page_id: pingds:configref:objects-scram-sha256-password-storage-scheme canonical_url: https://docs.pingidentity.com/pingds/8.1/configref/objects-scram-sha256-password-storage-scheme.html section_ids: parent: Parent scram_sha_256_password_storage_scheme_properties: SCRAM-SHA-256 Password Storage Scheme properties basic_properties: Basic properties enabled: enabled scram-iterations: scram-iterations advanced_properties: Advanced properties java-class: java-class --- # SCRAM-SHA-256 Password Storage Scheme The SCRAM-SHA-256 Password Storage Scheme provides a mechanism for encoding user passwords for use with the SASL SCRAM authentication mechanism defined in RFC 5802. This scheme contains an implementation for the user password syntax, and uses the scheme name SCRAM-SHA-256. Password values are encoded using the format described in RFC 5803. ## Parent The SCRAM-SHA-256 Password Storage Scheme object inherits from [Password Storage Scheme](objects-password-storage-scheme.html). ## SCRAM-SHA-256 Password Storage Scheme properties You can use configuration expressions to set property values at startup time. For details, see [Property value substitution](expressions.html). | Basic Properties | Advanced Properties | | --------------------------------------------------------- | ------------------------- | | [enabled](#enabled) [scram-iterations](#scram-iterations) | [java-class](#java-class) | ### Basic properties Use the `--advanced` option to access advanced properties. ### enabled | | | | ----------------------- | ----------------------------------------------------------------- | | *Synopsis* | Indicates whether the Password Storage Scheme is enabled for use. | | *Default value* | None | | *Allowed values* | truefalse | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### scram-iterations | | | | ----------------------- | ------------------------------------------------------------------ | | *Synopsis* | The number of iterations to use when deriving the salted password. | | *Default value* | 10000 | | *Allowed values* | An integer.Lower limit: 1. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ## Advanced properties Use the `--advanced` option to access advanced properties. ### java-class | | | | ----------------------- | ---------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies the fully-qualified name of the Java class that provides the SCRAM-SHA-256 Password Storage Scheme implementation. | | *Default value* | org.opends.server.extensions.ScramSha256PasswordStorageScheme | | *Allowed values* | A Java class that extends or implements:- org.opends.server.api.PasswordStorageScheme | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | Yes | | *Read-only* | No |