Do More › Web & Search Store Passwords Using Reversible Encryption Configuring Vista Password Policy Settings Share Pin Email Print Web & Search Safety & Privacy Best of the Web Search Engines Running a Website by Tony Bradley, CISSP-ISSAP Tony Bradley is a former Lifewire writer and tech journalist who specializes in network and internet security. He is a respected information security expert and prolific author. Updated August 01, 2019 Enabling Store Passwords Using Reversible Encryption determines whether Windows stores passwords using reversible encryption. Enabling this is essentially the same as storing passwords in plain text which is insecure and not recommended. The purpose of this policy setting is to provide support for applications that use protocols that require knowledge of the user's password for authentication purposes. Enabling this policy setting should be a last resort used only in extreme situation where no alternative exists and application requirements outweigh the need to protect password information. Store Passwords Using Reversible Encryption must be enabled when using CHAP (Challenge-Handshake Authentication Protocol) authentication through remote access or Internet Authentication Services (IAS). It is also required when using Digest Authentication in Internet Information Services (IIS). Continue Reading