[jira] [Commented] (SYNCOPE-1666) Security Answer encryption

ASF subversion and git services (Jira) Thu, 31 Mar 2022 07:15:07 -0700


    [ 
https://issues.apache.org/jira/browse/SYNCOPE-1666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17515359#comment-17515359
 ]


ASF subversion and git services commented on SYNCOPE-1666:
----------------------------------------------------------

Commit 7c856ebbfbd352cffda8bbfad737ad32840d74c9 in syncope's branch 
refs/heads/master from Andrea Patricelli
[ https://gitbox.apache.org/repos/asf?p=syncope.git;h=7c856eb ]

[SYNCOPE-1666] linked account must have AES as encryption algorithm (#334)



> Security Answer encryption 
> ---------------------------
>
>                 Key: SYNCOPE-1666
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-1666
>             Project: Syncope
>          Issue Type: Improvement
>          Components: core
>    Affects Versions: 2.1.10
>            Reporter: Andrea Patricelli
>            Assignee: Andrea Patricelli
>            Priority: Major
>             Fix For: 2.1.11, 3.0.0
>
>
> Security answer is stored as cleartext field, but, since contains sesitive 
> information, must be encrypted. We hav to use the same algorithms available 
> for password.
> Provide also an upgrade guide and a migration tool to encrypt passwords on 
> already existing installations.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (SYNCOPE-1666) Security Answer encryption

Reply via email to