[ https://issues.apache.org/jira/browse/OFBIZ-1151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12513168 ]
Jacques Le Roux commented on OFBIZ-1151: ---------------------------------------- Jeremy, Did you notice that they use a one way only encryption (ie no decryption is normaly possible, of couse even the better encryption algorithms known so far have been cracked)? If I remember well SHA-1 is used : http://en.wikipedia.org/wiki/SHA-1 This may also interest you : http://www.nabble.com/How-do-I-decrypt-passwords--tf3081869.html#a8562707 > Passwords are not seeded > ------------------------ > > Key: OFBIZ-1151 > URL: https://issues.apache.org/jira/browse/OFBIZ-1151 > Project: OFBiz > Issue Type: Improvement > Components: party > Affects Versions: SVN trunk, Release Branch 4.0 > Reporter: Wickersheimer Jeremy > Priority: Minor > > Password are currently hashed but not seeded which may be a security issue. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.