# Use strong hash algorithm

<table><thead><tr><th width="138">Check ID</th><th>APP_0009</th></tr></thead><tbody><tr><td>Category</td><td>Security</td></tr><tr><td>Summary</td><td>Your app can be configured to use a specific hash algorithm for saving passwords or other sensitive data attributes. Some hash algorithms available for use in Mendix are no longer considered secure and are only available for legacy purposes. Only use modern hash algorithms that are considered secure.</td></tr><tr><td>Options</td><td>Hash Algorithm - Select the hash algorithms that your organization considers secure. The default algorithms selected are <strong>BCrypt</strong> and <strong>SHA-256</strong>.</td></tr><tr><td>Pass</td><td>The hash algorithm configured for the app matches one of the algorithms that you configured in this check.</td></tr><tr><td>Fail</td><td>The hash algorithm configured for the app doe not match one of the algorithms that you configured in this check.</td></tr></tbody></table>