DataPower

DataPower

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Password Encryption Algorithm

    Posted 10/02/23 09:11 AM

    Hi Team,

    Can you please confirm the password encryption algorithm (MD5,SHA,AES) used to store the users password/password alias map config in appliance.

    Thanks



  • 2.  RE: Password Encryption Algorithm

    Posted 10/06/23 09:25 AM

    Hello IBM Folks (Hermann??), I'd be interested in this as well.  

    Many times this kind of question comes from a security audit, so if you can please provide the answer.



    ------------------------------
    Joseph Morgan
    ------------------------------



  • 3.  RE: Password Encryption Algorithm

    Posted 10/09/23 09:57 AM

    When you define role-based management (RBM), you define the password policy for local users. The password policy provides whether you want to use MD5 (default) or SHA-256 Crypt as the hash, where you want to use SHA-256 Crypt. Then there is encryption like all things on DataPower, but those details are proprietary.



    ------------------------------
    F Hackerman
    ------------------------------



  • 4.  RE: Password Encryption Algorithm

    Posted 10/10/23 11:11 AM

    Is that also the governing setting for protection of password map aliases?



    ------------------------------
    Joseph Morgan
    ------------------------------

    Original Message


  • 5.  RE: Password Encryption Algorithm

    Posted 10/12/23 05:32 AM

    Hi Hackerman,

    I have already checked on RBM Password encryption.
    Below is used, so it means all our password encryption works on sha-256 mechanism.



    Thanks



    ------------------------------
    Sunil Chaurasia
    ------------------------------

    Original Message


Related Content