Hashing

From ProVide DocWiki
Jump to: navigation, search

Encrypted passwords can with effort be decrypted and the original password will be revealed.

If you hash your password however, there is no way to get the original password back.

If encrypted passwords are not secure enough for your needs, its possible to enable password hashing.

Remember that once you have enabled password hashing, you can not go back to encrypted passwords again.

Instructions

1. Stop the service

2. Edit settings.ini and find [Password Algorithm]

3. Change Default to BCrypt

4. Save settings.ini

5. Start the service again.


You can verify that accounts password are hashed by going into the account folder and open the .uac file

Password.BCrypt = Hashed

Password.e1 = Encrypted

Password = Clear text

If you cache a password, it will not be Hashed (to for instance enable a share-link with Active Directory impersonation).