FolderGrid hashes all user credentials prior to storage. We first hash the plain text password using SHA-512 and then in an abundance of caution and to avoid reliance on either hashing technique alone, we feed that hash into BCrypt.
Complexity Enforcement
FolderGrid enforces password complexity using Dan Palmer's Complexify project which ensures user selected passwords set through our WebApp exhibit a sufficient level of complexity to thwart brute-force attacks.
The only strict rule enforced for passwords set via our API is an eight character minimum.