cancel
Showing results for 
Search instead for 
Did you mean: 

User Credentials are sent in clear text in alfresco community 5.2

leela
Confirmed Champ
Confirmed Champ

Hello Every one,

               User credentials are transmitted as plain text, how to encrypt the user and admin creadentials,  While authenticating, the entered password can be run through the same function and the result can be compared to the entry in the database to authenticate. kindly do needful.

Regards

Leela N

        

2 REPLIES 2

jljwoznica
Star Collaborator
Star Collaborator

I'm not quite sure I understand your question. Are you saying that using the standard out of the box interfaces, your passwords are not encrypted? Can you explain where you are seeing the user/pass not encrypted? thank you.

bip1989
Star Contributor
Star Contributor

I don't think it's problem related to Alfresco. Any web application would transmit plain text by default unless you have implemented certain mechanisms. 

I am not sure if your sever is in production, but it is recommended to use/implement SSL. credentials are by default encrypted when using SSL.