[jira] [Commented] (SYNCOPE-1666) Security Answer encryption

ASF subversion and git services (Jira) Sat, 05 Mar 2022 02:45:22 -0800


    [ 
https://issues.apache.org/jira/browse/SYNCOPE-1666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17501706#comment-17501706
 ]


ASF subversion and git services commented on SYNCOPE-1666:
----------------------------------------------------------

Commit 7491636f0f7cea3341fc5942e91e152d29086ebc in syncope's branch 
refs/heads/master from Francesco Chicchiriccò
[ https://gitbox.apache.org/repos/asf?p=syncope.git;h=7491636 ]

[SYNCOPE-1666] Conditionally setting security answer value in linked accounts


> Security Answer encryption 
> ---------------------------
>
>                 Key: SYNCOPE-1666
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-1666
>             Project: Syncope
>          Issue Type: Improvement
>          Components: core
>    Affects Versions: 2.1.10
>            Reporter: Andrea Patricelli
>            Assignee: Andrea Patricelli
>            Priority: Major
>             Fix For: 2.1.11, 3.0.0
>
>
> Security answer is stored as cleartext field, but, since contains sesitive 
> information, must be encrypted. We hav to use the same algorithms available 
> for password.
> Provide also an upgrade guide and a migration tool to encrypt passwords on 
> already existing installations.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (SYNCOPE-1666) Security Answer encryption

Reply via email to