Password encryption

Ben Doorn

Posted on 04/07/2017 14:12:56

Guys,

How do I completely turn off password encryption?

First let me explain why on earth I need it to be turned off, because requlary this is to be a bad idea. In an existing project we don't use the DW login but a custom AD verification of the user, however we store an API key of a 3rd party system in the Password field of the DW user. We upgraded the system to a newer version and end up with encrypted passwords in the database.

I turned the encryption off and then I can read the password in Dynamicweb, but the password in the database is still somewhat encrypted.

Kind regards,

Ben

Replies

Martin Vang

Posted on 05/07/2017 13:11:37

Hi Ben,

Did you import before you turned off the password encryption?

Martin

Ben Doorn

Posted on 05/07/2017 15:01:27

Yes, the import of API keys is done every 24 hours because they change regulary.

Martin Vang

Posted on 06/07/2017 08:14:51

Hi Ben,

So if you go to user and edit their password, is it then encrypted? And if you save said user without enabling password encryption, does the password get saved unencrypted to the database?

Martin

You must be logged in to post in the forum

Developer forum

Password encryption

Replies