Password security - Data360_Analyze - 3 - 3.12

Data360 Analyze Server Help

Product type
Software
Portfolio
Verify
Product family
Data360
Product
Data360 Analyze
Version
3.12
Language
English
Product name
Data360 Analyze
Title
Data360 Analyze Server Help
Copyright
2023
First publish date
2016

Local user passwords

Local user passwords are salted with 512 bytes of random data generated by the SHA1PRGN algorithm and then hashed with SHA-512; they are hash stored locally, the original value is never stored (i.e. one-way).

LDAP user passwords

LDAP user passwords are not stored.

Password properties

Password values in Password properties are encrypted via AES-128, using a key generated by the PBKDF2 (PKCS #5 2.0) key derivation function from a passphrase which is stored in a local Java Key Store (JKS).

The JKS itself is protected by a system-wide password which is either encrypted into a property file entry, or required to be entered on application startup.

Note: Password properties that use textual substitution (e.g. {{^otherproperty^}}) will not be encrypted. It is therefore strongly recommended that you only substitute Password properties into other Password properties.

Decrypted Password property values are not retrievable via any API, and only by services used within the web application.