8.4
Hi all, I would like to understand more about how does IIQ store identity passwords? What hashing algorithm does it use?
Hi @shijingg,
Generally, IIQ has 2 ways to encrypt passwords.
Every password are encrypted in IIQ, but you can decide at wich level.
Standard: Is always active and IIQ encrypt the pwds of all field as marked like password, like password\clientsecret on application and password field on forms. Those encryption save the password with a “1:” at the start.
Keystore: you can activate the keystore, where you can generate one or more keys of encryption end the ecrypted password has a “2:” or “3:” at the start, the number of the key that you are using to ecrypt.
The most important things is that all pwds encrypted with the standard method can be decrypted in every IIQ installation, with the other could be decrypted with own Keystore file.
Hi @enistri_devo ,
Thank you for replying. But what I am looking for is more towards does IIQ use PBKDF2 password hashing algorithm or equivalent password hashing algorithms?
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.