Configuration password encryption
From the hardening guide, I see "User and administrator passwords are stored securely on the system in an encrypted format. The encryption hash used for admin account passwords is SHA256/SHA1. The value that is seen in the configuration file is the Base64 encoded hash value." Does this mean that the password is hashed using SHA256 then that resulting value is hashed using SHA1? Or does it mean that only SHA256 or SHA1 is used to encrypt it in the first place?