Idea - Cyphered site properties

Back to Ideas

Follow Idea

André Ramos

Cyphered site properties

On our Radar

Backend

It would be nice to be able to define cyphered site properties to store application passwords.

30 Aug 2011

Kilian Hekhuis

MVP

You mean encrypted?

31 Aug 2011

André Ramos

Yeah, encrypted

01 Sep 2011

Kilian Hekhuis

MVP

Well, the problem would then be that it must be a reversible encryption, if it must be communicated with some external source, making it a bit of a moot point. Perhaps a better idea would be to have a "password" type, and only show *** or the like (but of course when editing, the plain password shows again).

01 Sep 2011

André Ramos

It could have a system's master password to reverse it.

23 Dec 2011

Daniel Martins

I liked it! It would be very useful.
Sometimes we need to store proxy users and pwds, for example, that’s used on ECT_Client_Connector, proxy settings and authentication are stored on site proprieties and the pwd it's not encrypted....
?

05 Nov 2013

Vasanth

I would like to see this feature with site properties having the password type so as to hide the text while you enter in the service center.

10 Jun 2014

MVP

I would like to see "password" site-properties..

29 Apr 2015

Ricardo Pisco

Service Center should have the possibility to set site properties as passwords this way the value wasn’t shown.

Most of the times we have to put passwords in a site property and there’s no way to hide the value.Service Center should have the possibility to set site properties as passwords this way the value wasn’t shown.

Most of the times we have to put passwords in a site property and there’s no way to hide the value.

Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.

23 Feb 2016

MVP

isn't this proposed before?

Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.

24 Feb 2016

Pedro Gonçalves

Staff

Hi Ricardo,

Let me suggest a workaround to your issue which I often see as a better practice:

   1. Create an Entity to store your password(s); this entity will have only 1 record;

   2. Use Forge's CryptoAPI to encrypt the password in the database and later on to decrypt it as well;

   3. Keep you encryption key (and salt) in another place that is easy to fetch for later use with CryptoAPI in encryption/decryption operations, but also making it difficult for anyone to know about it and trying it out. I don't see an issue in using it as a site property, but it may depend on the sensitivity of your information and who can have access to it in your environment.

Regards,
Pedro

Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.

25 Feb 2016

Daniel Martins

Hi Pedro,
This idea would be very useful, to avoid the scenario proposed by you, it would be more straight foward.
Nevertheless, this is smilar to the following idea:
https://www.outsystems.com/ideas/902/cyphered-site-properties

Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.

26 Feb 2016

Ricardo Pisco

Hi Daniel,

The idea you suggested is almost the same thing, but in most of the projects I don’t need the password encrypted I just need to hide the value from the user.

I’m talking about something with the behavior of the password widget in Service Studio.

Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.

26 Feb 2016

MVP

Merged this idea with 'Password field in site properties' (created on 2016-02-23 19:06:13 by Ricardo Pisco)

17 Oct 2017