DataPower

DataPower

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Password Encryption Algorithm

    Posted Mon October 02, 2023 09:11 AM

    Hi Team,

    Can you please confirm the password encryption algorithm (MD5,SHA,AES) used to store the users password/password alias map config in appliance.

    Thanks



  • 2.  RE: Password Encryption Algorithm

    Posted Fri October 06, 2023 09:25 AM

    Hello IBM Folks (Hermann??), I'd be interested in this as well.  

    Many times this kind of question comes from a security audit, so if you can please provide the answer.



    ------------------------------
    Joseph Morgan
    ------------------------------

    Original Message


  • 3.  RE: Password Encryption Algorithm

    Posted Mon October 09, 2023 09:57 AM

    When you define role-based management (RBM), you define the password policy for local users. The password policy provides whether you want to use MD5 (default) or SHA-256 Crypt as the hash, where you want to use SHA-256 Crypt. Then there is encryption like all things on DataPower, but those details are proprietary.



    ------------------------------
    F Hackerman
    ------------------------------

    Original Message


  • 4.  RE: Password Encryption Algorithm

    Posted Tue October 10, 2023 11:11 AM

    Is that also the governing setting for protection of password map aliases?



    ------------------------------
    Joseph Morgan
    ------------------------------

    Original Message


  • 5.  RE: Password Encryption Algorithm

    Posted Thu October 12, 2023 05:32 AM

    Hi Hackerman,

    I have already checked on RBM Password encryption.
    Below is used, so it means all our password encryption works on sha-256 mechanism.



    Thanks



    ------------------------------
    Sunil Chaurasia
    ------------------------------

    Original Message


Related Content