The operating system protects locally stored passwords by hashing them. SIMP maximizes that protection by using the SHA512 algorithm.
Passwords expire every 180 days, must be at least 1 day old to be changed, and users are warned 14 days before the password will expire.
References: :ref:`IA-5c.`, :ref:`IA-5f.`, :ref:`IA-5h.`