[midPoint] Storing passwords in Midpoint
Devin Rosenbauer
devin at identityworksllc.com
Fri Apr 1 18:51:55 CEST 2016
Typically an identity manager needs access to the user's password in
cleartext so that it can be set on other systems, e.g. setting the user's
initial password on a new account, etc.
On Fri, Apr 1, 2016 at 12:45 PM, Florin. Stingaciu <fstingaciu at mirantis.com>
wrote:
> Hello,
>
> From my understanding passwords in Midpoint are encrypted using an 256-bit
> AES key and then stored in the Midpoint DB. I was wondering if there is any
> sort of hash applied to password before it's encrypted. If not, is there a
> purpose for having access to the clear text password?
>
> Thanks,
> -F
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
--
Devin Rosenbauer
Principal Consultant
Identity Works LLC
+1 585 210 3201
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160401/f0e0bdff/attachment.htm>
More information about the midPoint
mailing list