Page History
...
Users frequently ask if JS7 can encrypt credentials. The answer is "no" as it makes no sense to handle a symmetric key that is in reach of the component that makes use of it. Encrypted passwords correspond to the "key under the mat" , - they do not provide additional security, however. However, they perfectly contribute contribute perfectly to "security by obfuscation".
There is only one way only how to securely handle passwords: not to use passwords.
If the use of passwords is required, then consider to use using a Credential Store. In addition, check if alternative authentication mechanisms can be applied such as Integrated Security can be applied.
Credential Store
JS7 supports use of a Credential Store:
...
Integrated Security
Integrated Security includes that
...
is an authentication scheme
...
based on the fact that the account
...
which a component is operated for is already authenticated by the OS and therefore can access a database without specifying user/password credentials.
...
This feature is available for a number of DBMS such as:
- Microsoft SQL Server®, see the JS7 - How to connect to an SQL Server database without using passwords article.
- Oracle® that includes including support for Oracle® Wallet, see the JS7 - How to make JOC Cockpit connect to an Oracle database using Wallet® article.