Foren

  1. Startseite
  2. Development
  3. Password Encryption

Password Encryption

thumbnail
Vishal Kumar, geändert vor 11 Jahren.

Password Encryption

Regular Member Beiträge: 198 Beitrittsdatum: 12.12.12 Neueste Beiträge
Is all user passwords is stored encrypted using salted SHA1 in liferay?
thumbnail
jelmer kuperus, geändert vor 11 Jahren.

RE: Password Encryption

Liferay Legend Beiträge: 1191 Beitrittsdatum: 10.03.10 Neueste Beiträge
The encryption used is determined by the passwords.encryption.algorithm property
By default it uses unsalted sha iirc, which is not very secure
thumbnail
Vishal Kumar, geändert vor 11 Jahren.

RE: Password Encryption

Regular Member Beiträge: 198 Beitrittsdatum: 12.12.12 Neueste Beiträge
jelmer kuperus:
The encryption used is determined by the passwords.encryption.algorithm property
By default it uses unsalted sha iirc, which is not very secure

Then in that case, How can i achieve Salted SHA1 algorithm.
thumbnail
jelmer kuperus, geändert vor 11 Jahren.

RE: Password Encryption

Liferay Legend Beiträge: 1191 Beitrittsdatum: 10.03.10 Neueste Beiträge
Add 

passwords.encryption.algorithm=SSHA


to your portal-ext.properties

using bcrypt might be even better
thumbnail
Vishal Kumar, geändert vor 11 Jahren.

RE: Password Encryption

Regular Member Beiträge: 198 Beitrittsdatum: 12.12.12 Neueste Beiträge
jelmer kuperus:
Add 

passwords.encryption.algorithm=SSHA


to your portal-ext.properties

using bcrypt might be even better


Thanks a lot jelmer