Foren
Password Encryption
Vishal Kumar, geändert vor 11 Jahren.
Password Encryption
Regular Member Beiträge: 198 Beitrittsdatum: 12.12.12 Neueste Beiträge
Is all user passwords is stored encrypted using salted SHA1 in liferay?
jelmer kuperus, geändert vor 11 Jahren.
RE: Password Encryption
Liferay Legend Beiträge: 1191 Beitrittsdatum: 10.03.10 Neueste Beiträge
The encryption used is determined by the passwords.encryption.algorithm property
By default it uses unsalted sha iirc, which is not very secure
By default it uses unsalted sha iirc, which is not very secure
Vishal Kumar, geändert vor 11 Jahren.
RE: Password Encryption
Regular Member Beiträge: 198 Beitrittsdatum: 12.12.12 Neueste Beiträgejelmer kuperus:
The encryption used is determined by the passwords.encryption.algorithm property
By default it uses unsalted sha iirc, which is not very secure
Then in that case, How can i achieve Salted SHA1 algorithm.
jelmer kuperus, geändert vor 11 Jahren.
RE: Password Encryption
Liferay Legend Beiträge: 1191 Beitrittsdatum: 10.03.10 Neueste Beiträge
Add
to your portal-ext.properties
using bcrypt might be even better
passwords.encryption.algorithm=SSHA
to your portal-ext.properties
using bcrypt might be even better
Vishal Kumar, geändert vor 11 Jahren.
RE: Password Encryption
Regular Member Beiträge: 198 Beitrittsdatum: 12.12.12 Neueste Beiträgejelmer kuperus:
Addpasswords.encryption.algorithm=SSHA
to your portal-ext.properties
using bcrypt might be even better
Thanks a lot jelmer