You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@syncope.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2022/03/03 16:36:00 UTC
[jira] [Commented] (SYNCOPE-1666) Security Answer encryption
[ https://issues.apache.org/jira/browse/SYNCOPE-1666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17500865#comment-17500865 ]
ASF subversion and git services commented on SYNCOPE-1666:
----------------------------------------------------------
Commit 008459240094e7d021553b484d47aa1569626250 in syncope's branch refs/heads/2_1_X from Andrea Patricelli
[ https://gitbox.apache.org/repos/asf?p=syncope.git;h=0084592 ]
[SYNCOPE-1666] added security answer hashing (#319)
[SYNCOPE-1666] added security answer hashing
> Security Answer encryption
> ---------------------------
>
> Key: SYNCOPE-1666
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1666
> Project: Syncope
> Issue Type: Improvement
> Components: core
> Affects Versions: 2.1.10
> Reporter: Andrea Patricelli
> Assignee: Andrea Patricelli
> Priority: Major
> Fix For: 2.1.11, 3.0.0
>
>
> Security answer is stored as cleartext field, but, since contains sesitive information, must be encrypted. We hav to use the same algorithms available for password.
> Provide also an upgrade guide and a migration tool to encrypt passwords on already existing installations.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)