David Van Couvering <[EMAIL PROTECTED]> writes: > Hi, all. Someone asked me if things have changed around password > encryption in 10.3 - is there some form of encryption by default, or > is the default still to send the password in the clear? I scanned the > "what's new" section of the release page but couldn't find anything > definitive...
Hi David, It is my understanding that you still need to add the securityMechanism attribute to the connection URL in order to get password encryption. http://db.apache.org/derby/docs/dev/ref/rrefattribsecmech.html: Clear Text Password security is the default if you do not specify the securityMechanism attribute and you specify both the user=userName and password=userPassword attributes. -- Knut Anders
