Developer forum

Forum » Development » Override Password Encryption Method

Override Password Encryption Method

E-mail notifications
Mikkel Toustrup Olsen
Reply
Posted on 18/12/2014 14:32:18

Hey all,

As DW utilizes MD5 as encryption on users in the backend I wondered if it is possible to override this? - Pref. with somethuing like SHA256

Does anyone have any experience on this matter? e.g. regarding extenders or something of the like - I am currently working on an old solution which runs 8.1.x.x, and the customer will eventually upgrade to the latest stable version of Dynamicweb. I know the encyption issue has been discussed on the following post (Christian Fisker from Columbus):

see: http://developer.dynamicweb.com/forum/feature-requests/password-reset-link.aspx#Reply38942

Merry Christmas

Best Regards,

MikkelTO

 


Replies

 
Jeppe Eriksson Agger Dynamicweb Employee
Jeppe Eriksson Agger
Posted on 18/12/2014 14:43:27
Reply
This post has been marked as an answer

Hi Mikkel,

Currently, it's not possible to change the way user passwords are encrypted.

We are starting to move away from MD5 in certain places. Login tokens used in Email Marketing, for example, use SHA256. Internally, we're talking about redesigning our User Management into a more identity and role based system, and a rethink of password policies is a part of that. As of right now, we don't have anything to share though.

- Jeppe

Votes for this answer: 2

 

You must be logged in to post in the forum