Steps to reproduce (which actions have you made) : Enhancement request
Expected result : N/A
Actual result : N/A
URL of the page : N/A
Screenshot of the problem (if pertinent) :
Hello,
I'd like to ask for help regarding securing the encryption key. If multiple users in our organization have access to the Account plugin and are allowed to make changes and change the encryption key, there's nothing stopping a disgruntled employee from changing the encryption key for all stored passwords without the knowledge of the other users.
If this happens (and isn't caught in time and the old backups expire), is there a way to decrypt the passwords if one has access to the database? Is it enough to use the new hash (for which we presumably don't have the key) to decrypt each password (and re-encrypt them with a new, known hash)?
Otherwise, there should be a 2 step encryption key changing mechanism to force two different users to agree on the new key before it is changed. I think this is a lot of work, but it will be necessary in case one can't recover the passwords without the key.
Thank you
Version of the plugin : 2.6.0
Version of your GLPI : 9.5.5
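As an added illustration of the two-person rotation the request describes (this is not the plugin's code; the store, record layout and approver handling are hypothetical), the routine below refuses to rotate unless two distinct users approve, re-encrypts every record into a shadow table, and commits only when all of them round-trip. The cipher is a standard-library HMAC-SHA256 counter-mode construction with an authentication tag, standing in for whatever the plugin really uses, so a record checked against the wrong key fails loudly instead of yielding garbage.

```python
import hashlib
import hmac
import secrets

# Stand-in authenticated cipher (HMAC-SHA256 in counter mode, encrypt-then-MAC) so the
# example runs offline with the standard library; the plugin's real cipher is assumed.
def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hmac.new(key, nonce + offset.to_bytes(4, "big"), hashlib.sha256).digest()
        chunk = data[offset:offset + 32]
        out.extend(a ^ b for a, b in zip(chunk, pad))
    return bytes(out)

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(key, nonce, plaintext)
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    # A record encrypted under a different key fails authentication rather than
    # decrypting to noise, which is why a lost key means lost passwords.
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("wrong key or tampered record")
    return _xor_stream(key, nonce, ct)

class PasswordStore:
    """Hypothetical stand-in for the plugin's table of encrypted account passwords."""

    def __init__(self, key: bytes):
        self.key = key
        self.records: dict[int, bytes] = {}

    def add(self, rid: int, password: bytes) -> None:
        self.records[rid] = encrypt(self.key, password)

    def rotate_key(self, new_key: bytes, approvers: set[str]) -> int:
        # Two-person rule: one operator acting alone cannot swap the key.
        if len(approvers) < 2:
            raise PermissionError("key rotation needs approval from two distinct users")
        # Re-encrypt into a shadow table first; nothing is committed unless every
        # record decrypts under the old key and re-encrypts under the new one.
        rotated = {rid: encrypt(new_key, decrypt(self.key, blob))
                   for rid, blob in self.records.items()}
        self.records, self.key = rotated, new_key
        return len(rotated)
```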