SCRAM (Salted Challenge-Response Authentication Mechanism, https://docs.mongodb.com/manual/core/security-scram/#scram) is the default authentication mechanism. It provides several options, including a unique salt per user. A per-user salt greatly enhances randomization of the stored credentials and can limit the damage if one user account is compromised. You can also adjust the iteration count, also referred to as cost. The higher the cost, the harder it is to crack the password; the trade-off is that each hash takes longer to generate.
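The effect of the per-user salt and the iteration count can be seen in a short sketch. This is an added example, not code from the original page or from MongoDB. It follows the generic RFC 5802 derivation (PBKDF2-HMAC), skips SASLprep normalization, and uses hypothetical function names with constructed passwords, salts and iteration counts.

```python
import hashlib
import hmac
import os
import time


def scram_credentials(password, salt, iterations, hash_name="sha256"):
    """Derive what a SCRAM server stores for one user (generic RFC 5802 scheme)."""
    # Hi() in RFC 5802 is PBKDF2-HMAC with output length equal to the hash size.
    # Assumption: ASCII password, so SASLprep normalization is skipped.
    salted = hashlib.pbkdf2_hmac(hash_name, password.encode("utf-8"), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hash_name).digest()
    return {
        "salt": salt,
        "iterations": iterations,
        "salted_password": salted,
        "stored_key": hashlib.new(hash_name, client_key).digest(),
        "server_key": hmac.new(salted, b"Server Key", hash_name).digest(),
    }


def verify_password(record, candidate, hash_name="sha256"):
    """Re-derive with the user's own salt and cost, then compare in constant time."""
    derived = scram_credentials(candidate, record["salt"], record["iterations"], hash_name)
    return hmac.compare_digest(derived["stored_key"], record["stored_key"])


def seconds_per_derivation(iterations, hash_name="sha256"):
    """Wall-clock cost of one derivation: the price of every login and every guess."""
    start = time.perf_counter()
    scram_credentials("constructed-password", b"\x00" * 16, iterations, hash_name)
    return time.perf_counter() - start


if __name__ == "__main__":
    # Constructed sample: two users who chose the same password.
    alice = scram_credentials("Tr0ub4dor&3", os.urandom(16), 15000)
    bob = scram_credentials("Tr0ub4dor&3", os.urandom(16), 15000)
    print("same password, same stored key?", alice["stored_key"] == bob["stored_key"])
    print("password verifies for alice:", verify_password(alice, "Tr0ub4dor&3"))
    # Constructed iteration counts, chosen only to show how cost scales.
    for count in (1000, 15000, 150000):
        ms = seconds_per_derivation(count) * 1000
        print(f"{count:>7} iterations: {ms:.1f} ms per derivation")
```

Because the salt is an input to the derivation, work spent on one user's stored key cannot be reused against another user, and the iteration count multiplies the cost of every candidate password tested.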
The two SCRAM algorithms supported are summarized as follows:
- SCRAM-SHA-1: SHA-1 (Secure Hash Algorithm 1, https://en.wikipedia.org/wiki/SHA-1) was introduced by the United States ...