[ https://issues.apache.org/jira/browse/ARTEMIS-786?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15604001#comment-15604001 ]
ASF GitHub Bot commented on ARTEMIS-786: ---------------------------------------- Github user gaohoward commented on the issue: https://github.com/apache/activemq-artemis/pull/835 @jbertram So I did some refactoring: * Now DefaultSensitiveStringCodec supports 2 kinds of masking one-way hashing and two-way encoding/decoding * one-way hashing is used by cli and PropertiesLoginModule, it also has a verify method to help checking passwords * two-way is used by other password masking in artemis. (existing feature) * Other utils like HashProcessor doesn't do hashing or encoding. They are used to facilitate password management (either plaintext or hashed). * Cli commands is used for user management and manual changing is not needed (although user can use raw DefaultSensitiveStringCodec to to it). > Store user's password in hash form by default > --------------------------------------------- > > Key: ARTEMIS-786 > URL: https://issues.apache.org/jira/browse/ARTEMIS-786 > Project: ActiveMQ Artemis > Issue Type: Improvement > Components: Broker > Affects Versions: 1.4.0 > Reporter: Howard Gao > Assignee: Howard Gao > Fix For: 1.5.0 > > > Artemis use plaintext to store user's password. To enhance security it should > be using hash value instead. -- This message was sent by Atlassian JIRA (v6.3.4#6332)