[ https://issues.apache.org/jira/browse/DELTASPIKE-1250?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mark Struberg resolved DELTASPIKE-1250.
---------------------------------------
    Resolution: Fixed

> create a master/client encryption handling
> ------------------------------------------
>
>                 Key: DELTASPIKE-1250
>                 URL: https://issues.apache.org/jira/browse/DELTASPIKE-1250
>             Project: DeltaSpike
>          Issue Type: New Feature
>          Components: Configuration
>    Affects Versions: 1.7.2
>            Reporter: Mark Struberg
>            Assignee: Mark Struberg
>             Fix For: 1.8.0
>
>
> For storing passwords in our configuration I'd like to implement a 2 stage
> approach to symmetric encryption.
> The current idea is to have an encrypted hash derived from a master password
> and machine specific information (MAC, IP, expiry date, etc).
> This encrypted sequence is different on every box. But the decrypted hash is
> not.
>
> With this hash we can encode a user password, which is then ofc the same on
> different boxes.
> Of course all that is just security by obscurity, but it's still much better
> than plaintext and even close to HashiCorp Vault.
> After all, the only really secure way is using a hardware crypto box plus the
> user has to manually provide a password and not using static passwords but
> 1-time consumable tokens.

--
This message was sent by Atlassian JIRA
(v6.3.15#6346)