How to encode the password?
Question
Application Type
Reactive

Hi,

I'm facing a problem where I need to encode my password which should not be shown while inspecting the element network as shown in the image below.

Any help will be appreciated.

Thanks 

Prince

Hi prince,

In reactive there is a server action called encrypt password you can find it in the dependencies and use it in the save logic it will encrypt your password.


I was thinking the same, but then you can still see the password as it will be sent to the encrypt with another api (the server action).


I don't think its possible to hide the password when you send it to the backend for authentication unless you encrypt it in javascript / client side. But then you still need to know how to decrypt it serverside.

Hi,

inspecting in a input without saving or creating a log that's why the devtool show the value. do check after creating a login it will be encrypted in the serverside 

encrypted1.jpg

Hi Prince! 

You can use PlatformPasswordUtils API to generate salted encrypted password in Sha or MD type. You need just add from Forge this component  below - https://success.outsystems.com/Documentation/11/Reference/OutSystems_APIs/PlatformPasswordUtils_API

I hope that advice solve your issue


Best regards

Mukhamedali

Hi Prince,

dependant on your requirement i guess you have multiple options. You can simply obscure the password, eg. by encoding it to a base64 encoded string and decode it server side in the DoLogin server action.

If obscuring is not enough then you might choose to encrypt the input on client side with a symmetric key and encrypt it in the DoLogin action. On client side you may take a look at this forge component CryptoJS Reactive - Overview | OutSystems . For server side decryption this component here CryptoAPI - Overview | OutSystems is the most used one. Even more secure would be to perform an assymetric encryption by encrypting the password in javascript using a public key and decrypt the password with a corresponding private key in the DoLogin server action.

Hope that helps,

Stefan

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.