Page History
Table of Contents |
---|
Introduction
Users frequently ask if JS7 can encrypt credentials. The answer is "no" as it makes no sense to handle a symmetric key that is in reach of the component that makes use of it. Encrypted passwords correspond to the "key under the mat" - they do not provide additional security. However, they contribute perfectly to "security by obfuscation".
There is only one There is a preferred way to securely handle passwords: not to use passwords.
If the use of passwords is required, then consider using to apply asymmetric encryption of credentials or use of a Credential Store. In addition, check if alternative Alternative authentication mechanisms such as Integrated Security can be applied for a number of DBMS.
Encryption of Credentials
JS7 offers JS7 - Encryption and Decryption.
This includes to encrypt passwords for database access, see JS7 - How to encrypt and decrypt Database Credentials
Credential Store
JS7 supports use of a Credential Store:
...