Introduction
Users frequently ask if JS7 can encrypt credentials. The answer is "no" as it makes no sense to handle a symmetric key that is in reach of the component that makes use of it. Encrypted passwords correspond to the "key under the mat", they do not provide additional security, however, they perfectly contribute to "security by obfuscation".
There is one way only how to securely handle passwords: not to use passwords.
If use of passwords is required then consider to use a Credential Store. In addition, check if alternative authentication mechanisms can be applied such as Integrated Security.
Credential Store
JS7 supports use of a Credential Store:
Integrated Security
Integrated Security includes that
- this authentication scheme is based on the fact that the account that a component is operated for is already authenticated by the OS and therefore can access a database without specifying user/password credentials.
- this feature is available for a number of DBMS such as
- Microsoft SQL Server®, see the JS7 - How to connect to an SQL Server database without using passwords article.
- Oracle® that includes support for Oracle® Wallet, see the JS7 - How to make JOC Cockpit connect to an Oracle database using Wallet® article.