Forum Discussion
Nathan_F__F5_
Jun 20, 2019Employee
Hi Erika,
The ASM uses a database of hashed username/password pairs to implement its checks for leaked credentials. The usernames and passwords themselves are not stored on the ASM. The hashes are built from records sourced from multiple databases of compromised usernames and passwords with over a billion entries in total. This database is maintained by the Product Development team but does not have a specific update cycle. Instead, the database is simply updated as more compromised credentials are released.
I hope this helps.