Internet, Networking, & Security Antivirus Store Passwords Using Reversible Encryption Configuring Vista Password Policy Settings by Tony Bradley, CISSP-ISSAP Writer Tony Bradley is a former Lifewire writer and tech journalist who specializes in network and internet security. He is a respected information security expert and prolific author. our editorial process LinkedIn Tony Bradley, CISSP-ISSAP Updated on December 23, 2019 Antivirus Online Scams Social Media Scams Email Scams Phone & Texting Scams Tweet Share Email Enabling Store Passwords Using Reversible Encryption determines whether Windows stores passwords using reversible encryption. Enabling this is essentially the same as storing passwords in plain text which is insecure and not recommended. The purpose of this policy setting is to provide support for applications that use protocols that require knowledge of the user's password for authentication purposes. Enabling this policy setting should be a last resort used only in extreme situation where no alternative exists and application requirements outweigh the need to protect password information. Store Passwords Using Reversible Encryption must be enabled when using CHAP (Challenge-Handshake Authentication Protocol) authentication through remote access or Internet Authentication Services (IAS). It is also required when using Digest Authentication in Internet Information Services (IIS).