How do I encrypt users passwords?
Asset Bank can optionally store user's password in an encrypted fashion in the Asset Bank database (Note: this is the default behaviour in more recent versions of Asset Bank).
If your Asset Bank is currently storing the passwords in an unencrypted fashion and you would like to change that then take one of the two approaches below...
For newly installed Asset Banks (no new or changed users after installation)
- Open <tomcat home>\webapps\asset-bank\WEB-INF\classes\ApplicationSettings.properties in a text editor
- Search for the setting 'encrypt-passwords'
- Change it's value to true
- Save and close the settings file
- Restart Tomcat
For Asset Banks that have had users added to them or had existing users modified.
- Take a backup of your Asset Bank database
- Login to your Asset Bank as an admin user
- Run the action http://<urlOfAssetBank>/asset-bank/action/encryptPasswords and wait to be redirected back to the homepage
- Ask users to test their login to make sure that the encryption has worked and users can still login
- If for any reason there are problems with user login after the encryption restore the backup of the database and contact support@asset-bank.co.uk