0
 Followers
18
 Likes

Cyphered site properties

Backend
On our radar
It would be nice to be able to define cyphered site properties to store application passwords.
Created on 30 Aug 2011
Comments (13)
You mean encrypted?
Yeah, encrypted

Well, the problem would then be that it must be a reversible encryption, if it must be communicated with some external source, making it a bit of a moot point. Perhaps a better idea would be to have a "password" type, and only show *** or the like (but of course when editing, the plain password shows again).

It could have a system's master password to reverse it.
I liked it! It would be very useful.
Sometimes we need to store proxy users and pwds, for example, that’s used on ECT_Client_Connector, proxy settings and authentication are stored on site proprieties and the pwd it's not encrypted....
?
I would like to see this feature with site properties having the password type so as to hide the text while you enter in the service center.
I would like to see "password" site-properties..

Merged this idea with 'Password field in site properties' (created on 2016-02-23 19:06:13 by Ricardo Pisco)
Service Center should have the possibility to set site properties as passwords this way the value wasn’t shown.
 
Most of the times we have to put passwords in a site property and there’s no way to hide the value.Service Center should have the possibility to set site properties as passwords this way the value wasn’t shown.
 
Most of the times we have to put passwords in a site property and there’s no way to hide the value.


Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.
isn't this proposed before?

Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.
Hi Ricardo,

 Let me suggest a workaround to your issue which I often see as a better practice:

    1. Create an Entity to store your password(s); this entity will have only 1 record;

    2. Use Forge's CryptoAPI  to encrypt the password in the database and later on to decrypt it as well;

    3. Keep you encryption key (and salt) in another place that is easy to fetch for later use with CryptoAPI in encryption/decryption operations, but also making it difficult for anyone to know about it and trying it out. I don't see an issue in using it as a site property, but it may depend on the sensitivity of your information and who can have access to it in your environment.

 Regards,
 Pedro

Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.
Hi Pedro,
This idea would be very useful, to avoid the scenario proposed by you, it would be more straight foward.
Nevertheless, this is smilar to the following idea:
http://www.outsystems.com/ideas/902/cyphered-site-properties

Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.
Hi Daniel,
 
The idea you suggested is almost the same thing, but in most of the projects I don’t need the password encrypted I just need to hide the value from the user.
 
I’m talking about something with the behavior of the password widget in Service Studio.


Merged from 'Password field in site properties' (idea created on 2016-02-23 19:06:13 by Ricardo Pisco), on 2017-10-17 11:54:00 by J.
views
351
Followers
0