Uploaded image for project: 'Apache Fineract'
  1. Apache Fineract
  2. FINERACT-1831

Tenant passwd encryption

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 1.9.0
    • None

    Description

      As a Fineract operator
      I want to store tenant passwords encrypted
      in order to reduce security risk

      Background and details:

      Tenant passwords are stored in plain text in the database. It should be encrypted to disable accidental share/access.…

      Acceptance criteria
      1. Tenant passwords are encrypted in the fineract_tenants schema
      2. Tenant passwords are encrypted with AES encryption using Java (not the DB level encryption)
      3. The AES mode is CBC (AES/CBC/PKCS5Padding)
      4. Existing tenants are migrated over to encrypted passwords seamlessly
      5. The master password and initialization vector (IV) for encrypting the data can be configured via environment variables
      6. The encryption for tenant passwords cannot be turned off

      Attachments

        Issue Links

          Activity

            People

              mdallos Mihaly Dallos
              mdallos Mihaly Dallos
              Votes:
              2 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: