Cyphered site properties

By André Ramos on 30 Aug 2011
It would be nice to be able to define cyphered site properties to store application passwords.
Kilian Hekhuis31 Aug 2011
You mean encrypted?
André Ramos1 Sep 2011
Yeah, encrypted
Kilian Hekhuis1 Sep 2011

Well, the problem would then be that it must be a reversible encryption, if it must be communicated with some external source, making it a bit of a moot point. Perhaps a better idea would be to have a "password" type, and only show *** or the like (but of course when editing, the plain password shows again).

André Ramos23 Dec 2011
It could have a system's master password to reverse it.
Daniel Martins5 Nov 2013
I liked it! It would be very useful.
Sometimes we need to store proxy users and pwds, for example, that’s used on ECT_Client_Connector, proxy settings and authentication are stored on site proprieties and the pwd it's not encrypted....
?
Vasanth 10 Jun 2014
I would like to see this feature with site properties having the password type so as to hide the text while you enter in the service center.
J.29 Apr 2015
I would like to see "password" site-properties..

Ricardo Pisco23 Feb 2016
Service Center should have the possibility to set site properties as passwords this way the value wasn’t shown.
 
Most of the times we have to put passwords in a site property and there’s no way to hide the value.Service Center should have the possibility to set site properties as passwords this way the value wasn’t shown.
 
Most of the times we have to put passwords in a site property and there’s no way to hide the value.


Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.
J.24 Feb 2016
isn't this proposed before?

Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.
Pedro Gonçalves25 Feb 2016
Hi Ricardo,

 Let me suggest a workaround to your issue which I often see as a better practice:

    1. Create an Entity to store your password(s); this entity will have only 1 record;

    2. Use Forge's CryptoAPI  to encrypt the password in the database and later on to decrypt it as well;

    3. Keep you encryption key (and salt) in another place that is easy to fetch for later use with CryptoAPI in encryption/decryption operations, but also making it difficult for anyone to know about it and trying it out. I don't see an issue in using it as a site property, but it may depend on the sensitivity of your information and who can have access to it in your environment.

 Regards,
 Pedro

Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.
Daniel Martins26 Feb 2016
Hi Pedro,
This idea would be very useful, to avoid the scenario proposed by you, it would be more straight foward.
Nevertheless, this is smilar to the following idea:
http://www.outsystems.com/ideas/902/cyphered-site-properties

Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.
Ricardo Pisco26 Feb 2016
Hi Daniel,
 
The idea you suggested is almost the same thing, but in most of the projects I don’t need the password encrypted I just need to hide the value from the user.
 
I’m talking about something with the behavior of the password widget in Service Studio.


Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.