[
https://issues.apache.org/jira/browse/SYNCOPE-1666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17502141#comment-17502141
]
ASF subversion and git services commented on SYNCOPE-1666:
----------------------------------------------------------
Commit b4a41e0e41f6c8c9b2ca1afc9ce7e19efd485bcf in syncope's branch
refs/heads/cas65 from Andrea Patricelli
[ https://gitbox.apache.org/repos/asf?p=syncope.git;h=b4a41e0 ]
[SYNCOPE-1666] added security answer hashing (#319) (#321)
* [SYNCOPE-1666] added security answer hashing (#321)
> Security Answer encryption
> ---------------------------
>
> Key: SYNCOPE-1666
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1666
> Project: Syncope
> Issue Type: Improvement
> Components: core
> Affects Versions: 2.1.10
> Reporter: Andrea Patricelli
> Assignee: Andrea Patricelli
> Priority: Major
> Fix For: 2.1.11, 3.0.0
>
>
> Security answer is stored as cleartext field, but, since contains sesitive
> information, must be encrypted. We hav to use the same algorithms available
> for password.
> Provide also an upgrade guide and a migration tool to encrypt passwords on
> already existing installations.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
