---------- Forwarded message ---------- From: Manuranga Perera <[email protected]> Date: Tue, Jan 31, 2017 at 5:11 PM Subject: Security questions are encoded To: Johann Nallathamby <[email protected]>, Jayanga Kaushalya < [email protected]>, Isura Karunaratne <[email protected]>
Security questions are base64 encoded [1]. If they are encrypted (eg: RSA) or hashed (eg SHA) I can understand that it's for security reasons. All this does is obfuscation, poorly even at that, since base64 can be easily decoded. Or is it done for non-security reasons, like escaping special characters? [1] https://github.com/wso2/product-is/blob/6.0.x-C5_m3/ portal/osgi-services/org.wso2.is.portal.user.client.api/src/ main/java/org/wso2/is/portal/user/client/api/ChallengeQuestionManagerClient ServiceImpl.java#L113 -- With regards, *Manu*ranga Perera. phone : 071 7 70 20 50 mail : [email protected] -- With regards, *Manu*ranga Perera. phone : 071 7 70 20 50 mail : [email protected]
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
