[
https://issues.apache.org/jira/browse/OFBIZ-1151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12513168
]
Jacques Le Roux commented on OFBIZ-1151:
----------------------------------------
Jeremy,
Did you notice that they use a one way only encryption (ie no decryption is
normaly possible, of couse even the better encryption algorithms known so far
have been cracked)?
If I remember well SHA-1 is used : http://en.wikipedia.org/wiki/SHA-1
This may also interest you :
http://www.nabble.com/How-do-I-decrypt-passwords--tf3081869.html#a8562707
> Passwords are not seeded
> ------------------------
>
> Key: OFBIZ-1151
> URL: https://issues.apache.org/jira/browse/OFBIZ-1151
> Project: OFBiz
> Issue Type: Improvement
> Components: party
> Affects Versions: SVN trunk, Release Branch 4.0
> Reporter: Wickersheimer Jeremy
> Priority: Minor
>
> Password are currently hashed but not seeded which may be a security issue.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
