[
https://issues.apache.org/jira/browse/FINERACT-1831?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mihaly Dallos updated FINERACT-1831:
------------------------------------
Description:
{panel}
*As a* _Fineract operator_
*I want to* store tenant passwords encrypted
*in order to* _reduce security risk_
{panel}
h4. *Background and details:*
Tenant passwords are stored in plain text in the database. It should be
encrypted to disable accidental share/access.…
{panel:title=Acceptance criteria}
# Tenant passwords are encrypted in the {{fineract_tenants}} schema
# Tenant passwords are encrypted with AES encryption using Java (not the DB
level encryption)
# The AES mode is CBC ({{{}AES/CBC/PKCS5Padding){}}}
# Existing tenants are migrated over to encrypted passwords seamlessly
# The master password and initialization vector (IV) for encrypting the data
can be configured via environment variables
# The encryption for tenant passwords cannot be turned off{panel}
was:
{panel}
*As a* _Fineract operator_
*I want to* store tenant passwords encrypted
*in order to* _reduce security risk_
{panel}
h4. *Background and details:*
Tenant passwords are stored in plain text in the database. It should be
encrypted to disable accidental share/access.…
{panel}
*Acceptance criteria*
# Tenant passwords are encrypted in the {{fineract_tenants}} schema
# Tenant passwords are encrypted with AES encryption using Java (not the DB
level encryption)
# The AES mode is CBC ({{{}AES/CBC/PKCS5Padding){}}}
# Existing tenants are migrated over to encrypted passwords seamlessly
# The master password and initialization vector (IV) for encrypting the data
can be configured via environment variables
# The encryption for tenant passwords cannot be turned off{panel}
> Tenant passwd encryption
> ------------------------
>
> Key: FINERACT-1831
> URL: https://issues.apache.org/jira/browse/FINERACT-1831
> Project: Apache Fineract
> Issue Type: Improvement
> Reporter: Mihaly Dallos
> Priority: Major
>
> {panel}
> *As a* _Fineract operator_
> *I want to* store tenant passwords encrypted
> *in order to* _reduce security risk_
> {panel}
> h4. *Background and details:*
> Tenant passwords are stored in plain text in the database. It should be
> encrypted to disable accidental share/access.…
> {panel:title=Acceptance criteria}
> # Tenant passwords are encrypted in the {{fineract_tenants}} schema
> # Tenant passwords are encrypted with AES encryption using Java (not the DB
> level encryption)
> # The AES mode is CBC ({{{}AES/CBC/PKCS5Padding){}}}
> # Existing tenants are migrated over to encrypted passwords seamlessly
> # The master password and initialization vector (IV) for encrypting the data
> can be configured via environment variables
> # The encryption for tenant passwords cannot be turned off{panel}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
