[ https://issues.apache.org/jira/browse/FINERACT-1831?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mihaly Dallos updated FINERACT-1831:
------------------------------------
Description:

{panel}
*As a* _Fineract operator_
*I want to* store tenant passwords encrypted
*in order to* _reduce security risk_
{panel}
h4. *Background and details:*
Tenant passwords are stored in plain text in the database. It should be encrypted to disable accidental share/access.…
{panel}
*Acceptance criteria*
# Tenant passwords are encrypted in the {{fineract_tenants}} schema
# Tenant passwords are encrypted with AES encryption using Java (not the DB level encryption)
# The AES mode is CBC ({{AES/CBC/PKCS5Padding}})
# Existing tenants are migrated over to encrypted passwords seamlessly
# The master password and initialization vector (IV) for encrypting the data can be configured via environment variables
# The encryption for tenant passwords cannot be turned off
{panel}

was:

h2. Description
{panel}
{panel}
{panel}
*As a* _Fineract operator_
*I want to* store tenant passwords encrypted
*in order to* _reduce security risk_
{panel}
h4. *Background and details:*
Tenant passwords are stored in plain text in the database. It should be encrypted to disable accidental share/access.…
{panel}
*Acceptance criteria*
# Tenant passwords are encrypted in the {{fineract_tenants}} schema
# Tenant passwords are encrypted with AES encryption using Java (not the DB level encryption)
# The AES mode is CBC ({{AES/CBC/PKCS5Padding}})
# Existing tenants are migrated over to encrypted passwords seamlessly
# The master password and initialization vector (IV) for encrypting the data can be configured via environment variables
# The encryption for tenant passwords cannot be turned off
{panel}

> Tenant passwd encryption
> ------------------------
>
> Key: FINERACT-1831
> URL: https://issues.apache.org/jira/browse/FINERACT-1831
> Project: Apache Fineract
> Issue Type: Improvement
> Reporter: Mihaly Dallos
> Priority: Major