OK thanks Bill! -----Original Message----- From: Bill Stewart <bstew...@iname.com> Sent: 14 January 2022 19:02 To: Tomcat Users List <users@tomcat.apache.org> Subject: Re: Tomcat 9 Encrpytion of JDBC
On Fri, Jan 14, 2022 at 10:25 AM Alan F wrote: > Interested to know your best practices on securing jdbc plain text > passwords, in my last place they used a mechanism to encrypt all passwords. > Is this the best method as I read some people don't recommend this. > Any details or procs on best practice appreciated. > The "best practice," generally speaking, is that doing so is basically pointless from a security perspective. https://cwiki.apache.org/confluence/display/TOMCAT/Password Bill