Hey Folks,
Recently our company has been focused on locking things down and one of the things that came up in the audit of anything and everything is that our users ID and Password are stored in plain text in our database table we use as a user repository for our CJAP authentication into cognos.
We have a table with;
UserName | Password | Fullname | Email etc...
And they want this password to be somehow stored encrypted. We do hash the passwords before we populate this table however when users login they are still passing this hashed plain text password so the company sees it as something that should be fixed.
Does anyone have some advice or can point me to a resource where we can have this encrypted in some way?
Thanks in advance.