PASSWORD_HASH_ALG

Description:

The PasswordManager class has been modified to store a hash of the user password in the WORKBRAIN_USER table. The hashing algorithm to use is specified in this registry parameter, with a default value of SHA-256. The hash is prefixed with the hashing algorithm prior to storage.

The WorkbrainAuthenticator class looks for the hash algorithm prefix to determine whether the user record contains a hashed value. If so, the password specified by the user is hashed using the same algorithm and compared to the stored value to authenticate the user. The authenticator still supports clear-text or encrypted passwords in the WORKBRAIN_USER table.

If the user is successfully authenticated, the WorkbrainAuthenticator class will silently update the stored password if necessary. This update occurs if the WORKBRAIN_USER table doesn’t contain a hash of the user password, or if the algorithm used to calculate the stored hash differs from that specified in the PASSWORD_HASH_ALG parameter.
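
The check-and-upgrade flow described above, sketched as an added example (this is not Workbrain's own code). The `{ALG}` prefix format, the Base64 encoding, the UTF-8 input and all class and method names are assumptions made for illustration, and only the clear-text legacy case is modelled, not the encrypted one.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

public class HashUpgradeSketch {
    // Assumed storage format "{ALG}base64(digest)"; the real prefix and encoding are not given on this page.
    static String hash(String alg, String password) throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance(alg); // throws if JCA has no such algorithm
        byte[] digest = md.digest(password.getBytes(StandardCharsets.UTF_8));
        return "{" + alg + "}" + Base64.getEncoder().encodeToString(digest);
    }

    // Algorithm named in the prefix, or null when the value is a legacy clear-text password.
    static String storedAlgorithm(String stored) {
        int end = stored.indexOf('}');
        return (stored.startsWith("{") && end > 1) ? stored.substring(1, end) : null;
    }

    // Returns the value to keep in the user record, or null when authentication fails.
    static String authenticate(String stored, String supplied, String configuredAlg)
            throws NoSuchAlgorithmException {
        String alg = storedAlgorithm(stored);
        String candidate = (alg == null) ? supplied : hash(alg, supplied);
        // MessageDigest.isEqual compares in constant time, unlike String.equals.
        boolean ok = MessageDigest.isEqual(stored.getBytes(StandardCharsets.UTF_8),
                                           candidate.getBytes(StandardCharsets.UTF_8));
        if (!ok) return null;
        // Silent upgrade: rewrite when the record is unhashed or uses a different algorithm.
        return configuredAlg.equals(alg) ? stored : hash(configuredAlg, supplied);
    }

    public static void main(String[] args) throws Exception {
        String configured = "SHA-256";            // PASSWORD_HASH_ALG default
        String password = "correct horse";        // constructed sample password
        String[] rows = {                         // constructed sample records
            password,                             // legacy clear text
            hash("SHA-1", password),              // hashed with an older algorithm
            hash("SHA-256", password)             // already current
        };
        for (String stored : rows) {
            String updated = authenticate(stored, password, configured);
            System.out.println(stored + " -> " + (stored.equals(updated) ? "unchanged" : updated));
        }
        System.out.println("wrong password -> " + authenticate(rows[2], "guess", configured));
    }
}
```

In this sketch a clear-text value that happens to begin with a `{...}` token would be read as a hash, so any prefix-based scheme has to rule that collision out.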

Valid Values:

Any valid MessageDigest algorithm supported by Java JCA.

Default Value:

SHA-256

Location:

system/WORKBRAIN_PARAMETERS/

Effective:

n/a