Password encryption
- From: Paul Carlton <Paul Carlton@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 19 May 2008 06:34:01 -0700
I am working on a project to integrate Active Directory with a database, i.e.
support for AD integration so that customers can logon to our database using
their AD user and password.
The problem I'm trying to overcome is that the user sends their password as
clear text, i.e. they enter it into the ODBC/JDBC client. This means that
our ODBC/JDBC client and server code has access to this password in clear
text so a rouge developer could potentially capture user's password, which
they could use to access other company systems.
What I'd like is a client plug-in that the user could install that would
encrypt their password so the encrypted password could be passed through our
database to the AD server. The AD server would then decrypt the password,
verify it and respond to the authentication request.
Does this facility exist?
Thanks
.
- Follow-Ups:
- Re: Password encryption
- From: Herb Martin
- Re: Password encryption
- Prev by Date: Csharp code to add an AD user to an AD group?
- Next by Date: Re: Csharp code to add an AD user to an AD group?
- Previous by thread: Csharp code to add an AD user to an AD group?
- Next by thread: Re: Password encryption
- Index(es):
Relevant Pages
|
