Clear text password for authentication of external users MUST be stored as iterated hashes with a per-user salt by using a key stretching (iterated) algorithm (e.g., PBKDF2, Bcrypt or Scrypt).

This is track the comment noted on https://gerrit.onap.org/r/#/c/71208/