Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-5039

Encrypt by default user passwords stored in an SQL database

    Details

    • Type: New Feature
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 5.3.2
    • Component/s: None
    • Impact type:
      Configuration format change
    • Upgrade notes:
      Hide

      To activate password encryption, add to your configuration file (default-sql-directories-bundle.xml by default):
      <passwordHashAlgorithm>SSHA</passwordHashAlgorithm>
      after <passwordField>...</passwordField>

      The other algorithm available is SMD5.

      This is fully backward-compatible as old cleartext passwords will still be recognized and used. Whenever a user entry is modified the password will be encrypted if it's not already.

      Show
      To activate password encryption, add to your configuration file (default-sql-directories-bundle.xml by default): <passwordHashAlgorithm>SSHA</passwordHashAlgorithm> after <passwordField>...</passwordField> The other algorithm available is SMD5. This is fully backward-compatible as old cleartext passwords will still be recognized and used. Whenever a user entry is modified the password will be encrypted if it's not already.

      Description

      In order to avoid password leaks if a server's database is compromised, the user passwords stored in the SQL database should be encrypted and salted by default.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                fguillaume Florent Guillaume
                Reporter:
                fguillaume Florent Guillaume
                Participants:
              • Votes:
                1 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  PagerDuty

                  Error rendering 'com.pagerduty.jira-server-plugin:PagerDuty'. Please contact your Jira administrators.