Hi
Are Laserfiche user passwords created in the Admin Module (v9.1) stored encrypted in the SQL database - or are thye left as palin text?
In Laserfiche 9.1 and higher, for new users or users that have changed their passwords, we hash using PBKDF2/HMAC-SHA2 with 100,000 iterations
They are encrypted.
Is it possible to decrypt the password (in workflow or forms)?
No.
The point of modern password hashing schemes like the one we use is that passwords can be validated but not extracted. If you need to use the password somewhere, you must configure that application to have it.
Hi Brian,
How can I configure that application?
If you really need to do it, it would be a process variable or whatever. But there is probably a better way of doing whatever you are trying to accomplish.
Brian,
I created a webfom with a lookup table.
In the collection, I have a url link to see the files in the web client.
The user can open the file in a new tab but he need to login first.
I know this is a security but I want to skip this step.
I mean if the user can access to this webform, that means he can also access to the repository. I don't want him to connect a second time
Have you looked into using LFDS for Single Sign-on? That's exactly what it provides.
Hi Brian, thanks a lot.
We are using Avante. In my mind LFDS is for RIO, right?