[mitreid-connect] user management

Benjamin Kaduk kaduk at MIT.EDU
Fri Dec 12 12:32:28 EST 2014


On Fri, 12 Dec 2014, Rafael Weingartner wrote:

> About the password, you could save them using any method you want, then you
> would just need to change the “passwordEncoder” bean of the
> AuthenticationProvider Bean. The default is indeed plaintext.

There are much better options than md5 available, too.  E.g., BCrypt or
something based on the SHA-2 family.

-Ben


More information about the mitreid-connect mailing list