1. Home
  2. Security
  3. Encrypting Passwords

Encrypting Passwords

Overview

m-Power can easily be configured to use any existing encrypted column for password values when securing your applications against a flat file. For more on how to do this, see this page.

While this works great for existing encryptions, it is also possible to use m-Power to encrypt new values as well. To do so, you can use a built-in m-Power external object in any maintainer, which the following steps list in detail.

Step 1 – Registering the External Object

First you will need to register the external object needed for your maintainer to m-Power.

Navigate to Admin -> External Objects -> Create New. Press “Create New External Object” at the top right of the window.

Plug in the following information (screenshot on right for reference):

  • Object Name: SHA_ENCODE
  • Description: Password Encryption
  • Object Type: Java Method
  • Java Class Name: com.mrc.ext.SHAEncode
  • Java Method Name: encode

The values in bold must be set up exactly as shown.

Once done, press Save Object.

Next, find the newly created object in the list of External Objects and select View Parms -> Create New Parameter. Two parameters will be needed for this object:

Parameter 1

  • Description: Encryption Type
  • Length: 10
  • Required Parm: Yes

Parameter 2

  • Description: Password
  • Length: 99
  • Required Parm: Yes

Step 2 – Editing the application

Next, this External Object will be added into the maintainer application that is built over your password table.

Edit the maintainer and go to Additional Options -> External Objects. Press the Add New External Object button.

Select the Password Encryption object created from Step 1 and select a before action location (*BEFOREACT, *BEFOREADD, *BEFOREUPD, *BEFOREDLT). This is necessary as the Java encryption program must encrypt the password value before the record is written to the database.

Set the Encryption Type parameter to ‘Map a constant’. Use any one of these appropriate valid encryption types as the Default Value:

  • MD2
  • MD5
  • SHA-1
  • SHA-256
  • SHA-384

Finally, map your application’s password field to the second parameter by selecting it from the dropdown.

Click Save External Object once done and then rebuild the application.

Note: Overwriting the HTML presentation files (m-Painter) during a rebuild is not required when adding/modifying External Objects.

Additional Notes

  • Don’t forget to set the encryption_type property in the Sign On configuration as well to match the encryption type being used for your password values.
  • The encryption method only encrypts the password values. For security reasons, passwords values cannot be decrypted. In the case of a forgotten password, users may use the Password Reset functionality to set a new password.
  • The External Object does not need to be promoted to production. Simply promote the maintainer application and the mrcSignon2.xml file (Sign On Configuration) file.
Updated on August 4, 2023

Was this article helpful?

Related Articles