You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@fineract.apache.org by "Mihaly Dallos (Jira)" <ji...@apache.org> on 2022/12/09 08:38:00 UTC

[jira] [Updated] (FINERACT-1831) Tenant passwd encryption

     [ https://issues.apache.org/jira/browse/FINERACT-1831?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Mihaly Dallos updated FINERACT-1831:
------------------------------------
    Description: 
{panel}
*As a* _Fineract operator_
*I want to* store tenant passwords encrypted
*in order to* _reduce security risk_
{panel}
h4. *Background and details:*

Tenant passwords are stored in plain text in the database. It should be encrypted to disable accidental share/access.…
{panel}
*Acceptance criteria*
 # Tenant passwords are encrypted in the {{fineract_tenants}} schema

 # Tenant passwords are encrypted with AES encryption using Java (not the DB level encryption)

 # The AES mode is CBC ({{{}AES/CBC/PKCS5Padding){}}}

 # Existing tenants are migrated over to encrypted passwords seamlessly

 # The master password and initialization vector (IV) for encrypting the data can be configured via environment variables

 # The encryption for tenant passwords cannot be turned off{panel}

  was:
h2. Description
 
{panel}
{panel}
 {panel}
*As a* _Fineract operator_
*I want to* store tenant passwords encrypted
*in order to* _reduce security risk_
{panel}
h4. *Background and details:*

Tenant passwords are stored in plain text in the database. It should be encrypted to disable accidental share/access.…
{panel}
*Acceptance criteria*
 # Tenant passwords are encrypted in the {{fineract_tenants}} schema

 # Tenant passwords are encrypted with AES encryption using Java (not the DB level encryption)

 # The AES mode is CBC ({{{}AES/CBC/PKCS5Padding){}}}

 # Existing tenants are migrated over to encrypted passwords seamlessly

 # The master password and initialization vector (IV) for encrypting the data can be configured via environment variables

 # The encryption for tenant passwords cannot be turned off
{panel}


> Tenant passwd encryption
> ------------------------
>
>                 Key: FINERACT-1831
>                 URL: https://issues.apache.org/jira/browse/FINERACT-1831
>             Project: Apache Fineract
>          Issue Type: Improvement
>            Reporter: Mihaly Dallos
>            Priority: Major
>
> {panel}
> *As a* _Fineract operator_
> *I want to* store tenant passwords encrypted
> *in order to* _reduce security risk_
> {panel}
> h4. *Background and details:*
> Tenant passwords are stored in plain text in the database. It should be encrypted to disable accidental share/access.…
> {panel}
> *Acceptance criteria*
>  # Tenant passwords are encrypted in the {{fineract_tenants}} schema
>  # Tenant passwords are encrypted with AES encryption using Java (not the DB level encryption)
>  # The AES mode is CBC ({{{}AES/CBC/PKCS5Padding){}}}
>  # Existing tenants are migrated over to encrypted passwords seamlessly
>  # The master password and initialization vector (IV) for encrypting the data can be configured via environment variables
>  # The encryption for tenant passwords cannot be turned off{panel}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)