Amazon Cognito adds support for importing users with password hashes
Amazon Cognito now allows importing users with pre-existing password hashes via CSV, eliminating the need for immediate password resets. This feature enables users to sign in with their existing credentials upon import, improving the user experience during migration. It supports common hashing algorithms like bcrypt, scrypt, Argon2id, and PBKDF2, and is available in all AWS Regions where Cognito is offered.
- →Import users with password hashes via CSV
- →Support for multiple password hashing algorithms
- →Availability and getting started
Features (1) ›
- Import users with password hashes via CSV
Amazon Cognito now supports including password hashes in CSV user imports, allowing users to sign in immediately with their existing credentials. Previously, users had to reset their passwords upon first sign-in after CSV import.
Enhancements (1) ›
- Support for multiple password hashing algorithms
The feature supports importing password hashes generated by bcrypt, scrypt, Argon2id, and PBKDF2 with SHA-256. Imported hashes are cryptographically protected before storage by Amazon Cognito.
Notes (1) ›
- Availability and getting started
Password hash import is available in all AWS Regions where Amazon Cognito is offered. Users can begin using this feature via the AWS Management Console, CLI, or SDKs.
https://aws.amazon.com/about-aws/whats-new/2026/07/amazon-cognito-password-hash-import/
Related releases
- Amazon CloudWatch Logs adds intelligent storage tiering AWS What's New ·
- AWS Glue adds SAP OData connector and zero-ETL to GovCloud regions AWS What's New ·
- Amazon Neptune 1.1.1.0 end-of-life date moved to 2026-11-30 endoflife.date ·
- Amazon Neptune 1.2.0.0 end-of-life date moved to 2026-11-30 endoflife.date ·
- Amazon Neptune 1.2.0.1 end-of-life date moved to 2026-11-30 endoflife.date ·
- Amazon Neptune 1.2.0.2 end-of-life date moved to 2026-11-30 endoflife.date ·