Custom password encription and decription

Foren

Ramesh Gundi, geändert vor 10 Jahren.

Custom password encription and decription

New Member Beitrag: 1 Beitrittsdatum: 12.08.10 Neueste Beiträge

Hi,

I am working one requirement . I need to send password to my users. But as per liferay documents i cant decrypt the password stored in Users_ table.
Because algorithm used by liferay SHA1 so i can't decrypt.

I have idea to implement one approach. In liferay Users_ table will add custom field and there i will passowrd by using my own ecryption and decription logic.
Whenever i want fetch the password from Custom field and decrypt and send to users. But when user updates or if throug LDAP if updated password it will have problem.

Please suggest any other good approch to solve my problem.

Thanks in advance...

Regards,
Ramesh Kumar Gundi

Wilson Man, geändert vor 10 Jahren.

RE: Custom password encription and decription

Liferay Master Beiträge: 581 Beitrittsdatum: 21.06.06 Neueste Beiträge

It's generally not a good idea to decrypt and send users their passwords via email. is it possible to ask your business (or client) to alter their requirement on this?

A better way is to send user a temporary password, the first time they login with the temporary password, you require them to change/update their password. There are still security concerns with this approach, but better than simply sending users their existing password without forcing a change.